Having Fedora 20 64-bit installed, I have this old problem of conflicting OpenVPN and SELinux. Obviously SELinux prevents openvpn
from launching.
The OpenVPN has been set through Network Connection and I have three files:
- user certificate as:
cer.pem
- CA certificate as:
ca.pem
- Private key as:
key.pem
Some solutions say that I should move certificate files in to ~/.cert
and then run:
$ sudo restorecon -R -v ~/.cert
And then SELinux will allow the access to the certificates.
BUT, before I launch openvpn
, I had saved these certificates in Documents/certificates folder. Of course when I execute:
$ mv ~/Documents/certificates/cer.pem ~/.cert
The file will be moved to ~/.cert
and in Network Connections there would be no certificates.
I've tried to use cp
instead of mv
but that did not help and still I have this old problem of conflict.
Best Answer
SELinux is disallowing the
openvpn
executable from accessing files on the filesystem in a specific location. Your best friend for dealing with these is to use the SELinux troubleshooter GUI.You'll then want to follow the advice to add the necessary contexts to your filesystem to appease SELinux.
NOTE: In the above example I've selected the 2nd option and will run the commands
semanage
andrestorecon
as described to fix my issue here. You'll need to do the same for youropenvpn
issue. It should be identical to what I'm showing in the screenshots.To fix the issue I ran these commands:
References