Ask Your Question
1

"SELinux is preventing pptpcm from read access on the chr_file random"

asked 2016-12-21 12:27:36 -0500

spio gravatar image

Hi. Since yesterday, after the last Fedora 24 update, every time I connect to a PPTP VPN I receive the warning shown in the title ("SELinux is preventing pptpcm from read access on the chr_file random"). The connection gets stablished without problems, but I would like to know what that message means and why I am getting it.

I searched Google and found the very same message only once related to a SELinux policy bug for Fedora 25, and it was marked as CLOSED ERRATA, although the last comment in the thread indicates that the problem continues for the reporter.

Can anyone show some light about this?

edit retag flag offensive close merge delete

1 Answer

Sort by ยป oldest newest most voted
2

answered 2016-12-21 14:58:20 -0500

CAI Qian gravatar image

This is a start to understand the selinux "misery". https://github.com/mairin/selinux-col...

edit flag offensive delete link more

Comments

1

Thank you for your unhelpful answer... I put the question in a way so you can undestand it.. why pptcm is trying to access random, or why is SELinux complainit about that now (did not before), and why is the VPN connection being established even when SELinux complains about something.. what I want to know is what changed about all this and what should I do now.. It seems you know about that, so I keep waiting for your knowledge..

spio gravatar imagespio ( 2016-12-21 15:39:47 -0500 )edit
1

Have you used the SELinux Troubleshooter to see what it suggests, and if so, have you tried following its advice? This won't tell you why it's happening, but it might fix what's wrong, and that's probably what you really want. I understand your frustration, because you probably weren't looking for a tutorial, but it often helps in these matters to understand just what SELinux is and why it's blocking things.

sideburns gravatar imagesideburns ( 2016-12-21 15:52:02 -0500 )edit

Hi. Yes, I did. It suggested "allow authlogin to nsswitch use ldap" (83%) or "pptpcm should be allowed read access on the random chr_file by default" (11%); in the latter case it also recomends to file a bug report. If I had to try somenthing to make my VPN connection work I would try the second options (even with the lower confidence), but having my VPN connection working fine, and having lots of thing to do (work first), I think I can live with the warning, and when I have some time I will check it again.. or just wait for the next F24 update and see if this go off just as it came..

spio gravatar imagespio ( 2016-12-21 16:03:51 -0500 )edit

Question Tools

1 follower

Stats

Asked: 2016-12-21 12:26:26 -0500

Seen: 204 times

Last updated: Dec 21 '16