On Fri, 2006-05-12 at 11:26 -0700, yukku yukkoooooo wrote: > Hi, > > Try: > > # chcon -t textrel_shlib_t /opt/cisco-vpnclient/lib/libvpnapi.so > > Repeat for any similar error you get for different libraries. > > This is an SELinux issue. > Thanks for the reply. Your diagnosis is indeed correct. But the > fix is not working for me on FC4. > When I tried your command on my FC4 as root, this command gave the > error - > # chcon -t textrel_shlib_t /opt/cisco-vpnclient/lib/libvpnapi.so > chcon: failed to change context > of /opt/cisco-vpnclient/lib/libvpnapi.so to > root :object_r:textrel_shlib_t: Invalid argument > man or info of chcon did not give me too much info. > So I tried to disable SELinux using the command > # setenforce 0 > and the vpnclient command started working !! > I was able to logon to the network too. The problem is I don't want to > disable SELinux, so what do you think should I fix in the above > command to make it work in SELinux mode ? AFAIK there is no SELinux memory protection in FC4, so this particular problem should not happen on that distro. The VPN client may be failing for other non-memory-checking reasons. Look in /var/log/messages and/or /var/log/audit/audit.log for "avc: denied" after you have run the client in permissive mode (setenforce 0) and see what crops up. Paul.
