<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body text="#000000" bgcolor="#FFFFFF">
I've had your binary libreswan-3.5-2.el6.x86_64 installed since 14
July.<br>
<br>
<font face="Courier New">[root@server ~]# grep libre
/var/log/yum.log<br>
Apr 10 17:41:15 Installed: libreswan-3.2rc1-1.njh.x86_64<br>
May 14 20:02:57 Updated: libreswan-3.3-1.el6.x86_64<br>
Jul 13 21:34:12 Updated: libreswan-3.5-1.njh.x86_64<br>
Jul 14 08:43:01 Updated: libreswan-3.5-2.el6.x86_64<br>
Sep 18 21:35:22 Installed: libreswan-3.5-2.el6.x86_64</font><br>
<br>
ClearOS 6.x (an RHEL derivative) uses /selinux/enforce which is odd
from the comment below since it is no longer a CentOS derivative.<br>
<br>
Nick<br>
<br>
<div class="moz-cite-prefix">On 18/09/2013 22:14, Paul Wouters
wrote:<br>
</div>
<blockquote
cite="mid:alpine.LFD.2.10.1309181712460.21173@bofh.nohats.ca"
type="cite">
<br>
On Wed, 18 Sep 2013, Nick Howitt wrote:
<br>
<br>
<blockquote type="cite">then reloaded the conn (when the webconfig
also reloads secrets) at which point I got logs:
<br>
<br>
Sep 18 21:10:46 server pluto[1948]: SElinux: could not open
/sys/fs/selinux/enforce
<br>
</blockquote>
<br>
Are you using an old version? The latest code in libreswan has:
<br>
<br>
FILE *fd = fopen("/sys/fs/selinux/enforce","r");
<br>
<br>
if (fd == NULL) {
<br>
/* try old location, which is still in use by
CentOS6 * (not RHEL6) */
<br>
fd = fopen("/selinux/enforce","r");
<br>
if (fd == NULL) {
<br>
libreswan_log("SElinux: could not open
/sys/fs/selinux/enforce or /selinux/enforce");
<br>
return 2;
<br>
}
<br>
}
<br>
<br>
n = fread((void *)selinux_flag, 1, 1, fd);
<br>
<br>
Paul
<br>
</blockquote>
<br>
</body>
</html>