On Thu, 2004-12-09 at 14:52 -0600, Steven Pritchard wrote: > Excuse me for a stupid selinux question... > > Is there something I have to do when packaging a daemon to make > selinux policy apply to it? Nothing in the daemon RPM itself; but you should make sure that your file locations, etc. conform to the shipped policy. > I have an OpenVPN package in the fedora.us QA queue > (https://bugzilla.fedora.us/show_bug.cgi?id=1531). I noticed that > selinux-policy-targeted-sources includes a file openvpn.fc, but I have > no idea how to connect the dots to make it all work... There is an openvpn.te; it's just not shipped in selinux-policy-targeted-sources. The spec file does: for i in apache.te dhcpd.te ldconfig.te mailman.te mysqld.te mta.te named.te nscd.te ntpd.te portmap.te postgresql.te snmpd.te squid.te syslogd.te ypbind.te; do mv domains/program/unused/$i domains/program/ If you just add openvpn.te to that it should work. BTW, I wrote openvpn.te very quickly while I was experimenting with VPN software a while ago; it's only been lightly tested :)
