[refpolicy] services_openvpn.patch

Christopher J. PeBenito cpebenito at tresys.com
Wed Oct 8 15:07:09 CDT 2008


On Wed, 2008-09-24 at 16:13 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F10/services_openvpn.patch
> 
> Add initrc script support
> 
> allow admin to start/stop service
> 
> Admin needs admin_pattern on all file types
> 
> Addition files in /var/log/openvpn need correcl labeling
> 
> needs setgid and sys_chroot
> 
> can exec scrpt files in the config directory
> 
> connect to httpd port
> 
>  Need to interact with terminals if config option "auth-user-pass" is used

Merged except for the terminals change, since sysadm is redundant and
the unconfined part is missing too.

-- 
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150



More information about the refpolicy mailing list