Service radiusd Start vs radiusd
jdennis at redhat.com
Thu Jan 26 17:42:32 CET 2012
On 01/26/2012 06:33 AM, Alan Buxey wrote:
>>> yes but as already said, RHEL SElinux policy should already be fine for this
>> It's been a while since I looked, but when I did the RHEL5 SELinux
>> policy was good for nothing except very, very basic FreeRADIUS usage.
>> Has that changed now? Using "sesearch" I don't for example see any
>> references to postgresql_t for unix socket connection, and it's not
>> obvious to me that the policy permits ntlm_auth to be exec'd.
> perhaps I wrote my sentence lazily.....the RHEL SElinux policy SHOULD already
> be fine for this ;-)
You say you're running RHEL 5.7 (and not some RHEL clone such as CentOS
or Scientific Linux). That means you've paid us for a subscription and
part of what you've paid for is a promise things will work. If they are
not working please following the support procedures with your RHEL
representative to get help and/or file a bug (sorry, I can't tell you
how that process works because I sit on the other end inside of
engineering). The issue will be assigned to one of us in engineering,
because it appears to be an SELinux policy issue it won't likely come to
me, rather it will go to an engineer assigned to SELinux policy issues.
SELinux policy problems usually get fixed very quickly once they get
reported, in the interim the engineer assigned to the bug will likely
tell you the optimal temporary workaround.
John Dennis <jdennis at redhat.com>
Looking to carve out IT costs?
More information about the Freeradius-Users