Service radiusd Start vs radiusd

Phil Mayers p.mayers at imperial.ac.uk
Thu Jan 26 12:09:53 CET 2012


On 01/26/2012 10:27 AM, Alan Buxey wrote:
> Hi,
>
>> I guess we have a winner:
>> setsebool -P radiusd_disable_trans=1
>
> yes but as already said, RHEL SElinux policy should already be fine for this

It's been a while since I looked, but when I did the RHEL5 SELinux 
policy was good for nothing except very, very basic FreeRADIUS usage.

Has that changed now? Using "sesearch" I don't for example see any 
references to postgresql_t for unix socket connection, and it's not 
obvious to me that the policy permits ntlm_auth to be exec'd.



More information about the Freeradius-Users mailing list