Ask Your Question
2

P.I.A. vpn config?

asked 2013-09-09 13:54:37 -0500

Fauxfire gravatar image

updated 2013-09-12 03:25:35 -0500

Jann5s gravatar image

hey there im new here, ive used fedora before (very briefly) but i have very little experience with VPN's. i use PIA (PRIVATE INTERNET ACCESS)in my window's machine the vpn is easily setup with an included installer. but theres no installer fro PIA in fedora. i tried to use the openVPN settings detailed on their site but they seem to be tailored to unpuntu. and i really have no idea what the diff would be. any help would be appreciated.

edit:

ok tried that everything seemed to translate well but now i get a new problem and i still cant connect to PIA if i could paste a screen shot in here i would but as stated in my previous post i've only breifly been involved with fedora, and i dont know how yet. anyways i get an error related to selinux this is the info from the selinux trouble shooter details

"SELinux is preventing /usr/sbin/openvpn from open access on the file /home/nunya/ca.crt.

*****  Plugin openvpn (47.5 confidence) suggests  ****************************

If you want to mv ca.crt to standard location so that openvpn can have open access
Then you must move the cert file to the ~/.cert directory
Do
# mv /home/nunya/ca.crt ~/.cert
# restorecon -R -v ~/.cert


*****  Plugin openvpn (47.5 confidence) suggests  ****************************

If you want to modify the label on ca.crt so that openvpn can have open access on it
Then you must fix the labels.
Do
# semanage fcontext -a -t home_cert_t /home/nunya/ca.crt
# restorecon -R -v /home/nunya/ca.crt


*****  Plugin catchall (6.38 confidence) suggests  ***************************

If you believe that openvpn should be allowed open access on the ca.crt file by default.
Then you should report this as a bug.
You can generate a local policy module to allow this access.
Do
allow this access for now by executing:
# grep openvpn /var/log/audit/audit.log | audit2allow -M mypol
# semodule -i mypol.pp

Additional Information:
Source Context                system_u:system_r:openvpn_t:s0
Target Context                unconfined_u:object_r:user_home_t:s0
Target Objects                /home/nunya/ca.crt [ file ]
Source                        openvpn
Source Path                   /usr/sbin/openvpn
Port                          <unknown>
Host                          localhost.localdomain
Source RPM Packages           openvpn-2.3.2-1.fc19.i686
Target RPM Packages           
Policy RPM                    selinux-policy-3.12.1-74.1.fc19.noarch
Selinux Enabled               True
Policy Type                   targeted
Enforcing Mode                Enforcing
Host Name                     localhost.localdomain
Platform                      Linux localhost.localdomain 3.10.10-200.fc19.i686
                              #1 SMP Thu Aug 29 19:25:53 UTC 2013 i686 i686
Alert Count                   16
First Seen                    2013-09-08 20:56:25 MDT
Last Seen                     2013-09-11 19:46:43 MDT
Local ID                      6f51d205-20c6-4c17-a691-d394887cb42d

Raw Audit Messages
type=AVC msg=audit(1378950403.986:443): avc:  denied  { open } for  pid=2011 comm="openvpn" path="/home/nunya/ca.crt" dev="dm-1" ino=404433 scontext=system_u:system_r:openvpn_t:s0 tcontext=unconfined_u:object_r:user_home_t:s0 tclass=file


type=SYSCALL msg=audit(1378950403.986:443): arch=i386 syscall=open success=no exit=EACCES a0=bfd6bf53 a1=8000 a2=1b6 a3=b7f7b200 items=0 ppid ...
(more)
edit retag flag offensive close merge delete

Comments

selinux is a securtity feature of linux, you can learn about it from the wiki. Did you try any of the suggestions of the selinux trouble shooter?

Jann5s gravatar imageJann5s ( 2013-09-12 05:54:33 -0500 )edit

i tried all of them still cant get connected

Fauxfire gravatar imageFauxfire ( 2013-09-12 20:18:51 -0500 )edit

3 Answers

Sort by ยป oldest newest most voted
3

answered 2013-09-09 14:41:37 -0500

Jann5s gravatar image

Have a look at http://fedoraproject.org/wiki/Openvpn try to translate the settings of your host to the example given in the wiki. If stuck in any particular step, please update the question.

edit flag offensive delete link more
0

answered 2016-03-06 22:43:56 -0500

edit flag offensive delete link more
0

answered 2013-09-11 21:01:57 -0500

Fauxfire gravatar image

updated 2013-09-12 03:24:29 -0500

Jann5s gravatar image

moved text to question (Jann5s)

edit flag offensive delete link more

Comments

not sure what happened there i see your reply in my messages but i cant read it here :(

Fauxfire gravatar imageFauxfire ( 2013-09-12 20:17:23 -0500 )edit

Question Tools

Stats

Asked: 2013-09-09 13:54:37 -0500

Seen: 2,037 times

Last updated: Sep 12 '13