fwknop is a single passphrase authorization system.
Fairly cool. selinux did not like fwknop out of the box.
It wanted a new module:
module iptab2log 1.0;
require {
type var_log_t;
type iptables_t;
class file write;
}
#============= iptables_t ==============
allow iptables_t var_log_t:file write;
It works now. Was there another way to do this?
William J. Chimiak
Laboratory for Telecommunication Sciences
8080 Greenmead Drive, College Park, MD 20740
301-422-5217
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
