[Openswan Users] Pluto has conflict with SeLinux

OCG Technical Support support at ocg.ca
Tue Sep 16 11:01:19 EDT 2008

I'm trying to run IPSec on a system with SeLinux on it.  It appears that
Pluto has a problem I can't get past (I add local policies for this AVC
below but doesn't solve the problem):

host=firewall.ocg.ca type=AVC msg=audit(1221407602.428:4482): avc: denied {
bind } for pid=24677 comm="pluto" scontext=unconfined_u:system_r:ipsec_t:s0
tcontext=unconfined_u:system_r:ipsec_t:s0 tclass=netlink_xfrm_socket

Any ideas?  Has anyone written a local policy for Pluto that works?


More information about the Users mailing list