Menu
▾
▴
Re: [Openvpn-devel] Possible bug in OpenVPN-2.0.9
|
From: James Y. <ji...@yo...> - 2007-08-21 17:10:33
|
Bernd Bartmann wrote: > Hi, > > I'm running Centos 5 32bit and installed openvpn-2.0.9-1.el5.rf from > Dag Wieers Repo. When OpenVPN is started during boot-up it just shows > an SElinux related error message and does not start. When I start > OpenVPN manually after > the system has come up completely it works fine. Please have a look at > the log extract at the end of this email for all SElinux related > messages. > > I already reported this problem to the Centos and SElinux mailing > lists. Daniel Walsh (SElinux guru) had the following suggestions: > > I am wondering why the SElinux warnings only occur when OpenVPN is started at boot-up. OpenVPN's behavior with respect to touching things that might trigger SELinux errors shouldn't significantly change whether or not it is started on boot-up or later. It would be nice if SELinux would produce more useful debug information such as stack trace (that could be gleaned by looking at the userspace stack and debug info from gcc -g) or at least indicate if the problem is in a shared object that's dynamically linked with OpenVPN at run time. As it is, I'm not aware of any reason why OpenVPN would need stack execution permission. James |
