Re: How to setup NM VPN ?

On Thu, Feb 12, 2009 at 04:58:27PM -0300, Miguel Rozsas wrote:
> I just figure out how to fix the SELinux issue. 
> I learned somewhere in the net in a SELinux tutorial that when you copy a file from one place to another you are copying the SELinux attributes too. But when you create a new file it has the right selinux attributes for that location.
> So I did, (as root):
> [code]
> touch /etc/openvpn/user.pem
> touch /etc/openvpn/key.pem
> touch /etc/openvpn/cacert.pem
> cp ~miguel/tmp/user.pem /etc/openvpn/user.pem
> cp ~miguel/tmp/key.pem /etc/openvpn/key.pem
> cp ~miguel/tmp/cacert.pem /etc/openvpn/cacert.pem
> chmod a+r /etc/openvpn/*.pem
> [/code]
> and I setup the NM-vpn using the files on /etc/openvpn, not the ones on my home.
> If you have a better idea/solution I want to hear you.

Assuming Fedora 10 has the same SELinux setup and tools as Fedora 9:

In Fedora 9, there is a SELinux boolean "openvpn_enable_homedirs"
which is not set by default.  You can set this by using setsebool
(policycoreutils package) or system-config-selinux (from the
policycoreutils-gui package).  After you have done this, you can
copy your SSL key and certs back to the home dir.


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]