Re: How to setup NM VPN ?

From: Robert Vogelgesang <vogel users sourceforge net>
To: networkmanager-list <networkmanager-list gnome org>
Subject: Re: How to setup NM VPN ?
Date: Fri, 13 Feb 2009 10:34:21 +0100

On Thu, Feb 12, 2009 at 04:58:27PM -0300, Miguel Rozsas wrote:
> 
> I just figure out how to fix the SELinux issue. 
> I learned somewhere in the net in a SELinux tutorial that when you copy a file from one place to another you are copying the SELinux attributes too. But when you create a new file it has the right selinux attributes for that location.
> 
> So I did, (as root):
> [code]
> touch /etc/openvpn/user.pem
> touch /etc/openvpn/key.pem
> touch /etc/openvpn/cacert.pem
> cp ~miguel/tmp/user.pem /etc/openvpn/user.pem
> cp ~miguel/tmp/key.pem /etc/openvpn/key.pem
> cp ~miguel/tmp/cacert.pem /etc/openvpn/cacert.pem
> chmod a+r /etc/openvpn/*.pem
> [/code]
> 
> and I setup the NM-vpn using the files on /etc/openvpn, not the ones on my home.
> 
> If you have a better idea/solution I want to hear you.
> 

Assuming Fedora 10 has the same SELinux setup and tools as Fedora 9:

In Fedora 9, there is a SELinux boolean "openvpn_enable_homedirs"
which is not set by default.  You can set this by using setsebool
(policycoreutils package) or system-config-selinux (from the
policycoreutils-gui package).  After you have done this, you can
copy your SSL key and certs back to the home dir.

	Robert

References:
- How to setup NM VPN ?
  - From: Miguel Rozsas
- Re: How to setup NM VPN ?
  - From: Dan Williams
- RE: How to setup NM VPN ?
  - From: Miguel Rozsas

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]