Re: selinux & iptables

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/30/2011 03:08 PM, Michael D. Berger wrote:
> In setting up my new CentOS 6 laptop, I replaced 
> /etc/sysconfig/iptables with my own, very restrictive version.  I
> then tried to restart the iptables daemon, but it reported that my
> new iptables was unreadable. On a guess, I disabled selinux, and my
> problem was solved.  Later, I re-enabled selinux and on reboot, it 
> had to go through a very long setup procedure.
> 
> Is there something better I could have done when replacing
> iptables, so that I would not have to disable selinux?
> 
> Thanks for your help. Mike.
> 
> _______________________________________________ CentOS mailing
> list CentOS@xxxxxxxxxx 
> http://lists.centos.org/mailman/listinfo/centos

Run restorecon on the files you changed.

restorecon -R -v /etc/sysconfig

Is all you probably needed.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk5dNZIACgkQrlYvE4MpobPSygCgvb9bm6KEcIhv+VoR+uEAapeN
DwoAn2NTPyTykCcMpwwr9nfamgqgzifm
=PkaT
-----END PGP SIGNATURE-----
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux