LinuxLists.cc - [refpolicy] services

2009-08-31 18:07:29

Subject: [refpolicy] services_openvpn.patch

http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_openvpn.patch

Openvpn connects to cache ports and stores files in nfs and cifs directories.

2009-09-01 08:31:10

by paul

[permalink] [raw]

Subject: [refpolicy] services_openvpn.patch

On 31/08/09 19:07, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_openvpn.patch
>
> Openvpn connects to cache ports and stores files in nfs and cifs directories.

Under what circumstances does openvpn connect to http or http_cache ports?

Paul.

2009-09-01 12:26:51

by Daniel Walsh

[permalink] [raw]

Subject: [refpolicy] services_openvpn.patch

On 09/01/2009 04:31 AM, Paul Howarth wrote:
> On 31/08/09 19:07, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_openvpn.patch
>>
>>
>> Openvpn connects to cache ports and stores files in nfs and cifs
>> directories.
>
> Under what circumstances does openvpn connect to http or http_cache ports?
>
> Paul.

I think they are using it to connect through firewalls.

Google openvpn and 80 gives you 174000 messages talking about running openvpn through port 80.

2009-09-01 13:32:19

by paul

[permalink] [raw]

Subject: [refpolicy] services_openvpn.patch

On 01/09/09 13:26, Daniel J Walsh wrote:
> On 09/01/2009 04:31 AM, Paul Howarth wrote:
>> On 31/08/09 19:07, Daniel J Walsh wrote:
>>> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_openvpn.patch
>>>
>>>
>>> Openvpn connects to cache ports and stores files in nfs and cifs
>>> directories.
>>
>> Under what circumstances does openvpn connect to http or http_cache ports?
>>
>> Paul.
>
> I think they are using it to connect through firewalls.
>
> Google openvpn and 80 gives you 174000 messages talking about running openvpn through port 80.

Ah right, so it'll use http_cache_t to do this with a proxy too.

Understood.

Paul.

2009-09-01 14:01:53

by Daniel Walsh

[permalink] [raw]

Subject: [refpolicy] services_openvpn.patch

On 09/01/2009 09:32 AM, Paul Howarth wrote:
> On 01/09/09 13:26, Daniel J Walsh wrote:
>> On 09/01/2009 04:31 AM, Paul Howarth wrote:
>>> On 31/08/09 19:07, Daniel J Walsh wrote:
>>>> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_openvpn.patch
>>>>
>>>>
>>>>
>>>> Openvpn connects to cache ports and stores files in nfs and cifs
>>>> directories.
>>>
>>> Under what circumstances does openvpn connect to http or http_cache
>>> ports?
>>>
>>> Paul.
>>
>> I think they are using it to connect through firewalls.
>>
>> Google openvpn and 80 gives you 174000 messages talking about running
>> openvpn through port 80.
>
> Ah right, so it'll use http_cache_t to do this with a proxy too.
>
> Understood.
>
> Paul.
Not that I have ever set one up. I allow the Rawhide/Fedora users/testers to train me how people setup these apps.

2009-09-02 13:24:21

by cpebenito

[permalink] [raw]

Subject: [refpolicy] services_openvpn.patch

On Mon, 2009-08-31 at 14:07 -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/services_openvpn.patch
>
> Openvpn connects to cache ports and stores files in nfs and cifs
> directories.

Merged.

--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150