[Swan] I broke Libreswan with an SELINUX error
Paul Wouters
pwouters at redhat.com
Thu Sep 19 00:14:30 EEST 2013
On Wed, 18 Sep 2013, Nick Howitt wrote:
> then reloaded the conn (when the webconfig also reloads secrets) at which point I got logs:
>
> Sep 18 21:10:46 server pluto[1948]: SElinux: could not open /sys/fs/selinux/enforce
Are you using an old version? The latest code in libreswan has:
FILE *fd = fopen("/sys/fs/selinux/enforce","r");
if (fd == NULL) {
/* try old location, which is still in use by CentOS6 * (not RHEL6) */
fd = fopen("/selinux/enforce","r");
if (fd == NULL) {
libreswan_log("SElinux: could not open /sys/fs/selinux/enforce or /selinux/enforce");
return 2;
}
}
n = fread((void *)selinux_flag, 1, 1, fd);
Paul
More information about the Swan
mailing list