1 |
On Thu, Feb 12, 2015 at 11:37 PM, Joseph <syscon780@×××××.com> wrote: |
2 |
> No, the problem in Fedora was thier "selinux". I suppose to be some extra |
3 |
> security, but it seems to me it creates only more problems. |
4 |
|
5 |
A common observation with SELinux. Even so, it definitely DOES |
6 |
provide additional security. It is a standard Linux feature and |
7 |
available on Gentoo as well. If the configuration isn't right (and it |
8 |
is easy to get it wrong) then you'll have problems. |
9 |
|
10 |
I forget all the details of SELinux, but you should be able to put it |
11 |
in a mode that logs but does not enforce. Using those logs you should |
12 |
be able to determine exactly what roles/permissions/labels/etc are |
13 |
missing. I suspect that if you just dumped the relevant logs on |
14 |
Fedora's bugzilla that they'd fix their openvpn package for you. If I |
15 |
had a working SELinux setup I wouldn't be too quick to just completely |
16 |
disable it over one package. |
17 |
|
18 |
-- |
19 |
Rich |