openvpn-monitor icon indicating copy to clipboard operation
openvpn-monitor copied to clipboard

Published 20 hours ago verified publisher icon furlongm

[Centos][SELinux] Connection to 5555 port

Open metalrise opened this issue 4 years ago • 3 comments

First of all, thank you for the lightweight solution for monitoring OpenVPN

After I've installed the monitor, there were same issues caused by SELinux on CentOS 7:

a) OpenVPN not starting after adding management 127.0.0.1 5555 to server.conf

This has solved by the fix recommended in issue https://github.com/furlongm/openvpn-monitor/issues/101

In CentOS 7 minimal, semanage is installed by policycoreutils-python

yum install policycoreutils-python sudo semanage port -a -t openvpn_port_t -p tcp 5555

b) The python script cannot connect to the management interface WARNING: socket error: [Errno 13] Permission denied from apache error_log

setsebool -P httpd_can_network_connect=1

httpd_can_network_connect (HTTPD Service):: Allow HTTPD scripts and modules to connect to the network

Can you update the README? and save some hours for future users from searching the web

The solutions from above were tested on CentOS 7

Another hardcore fix, can be .......... disabling SELinux

metalrise avatar Mar 06 '20 01:03 metalrise

b worked for me thanks

b3hroo2 avatar Apr 26 '20 10:04 b3hroo2

I think @metalrise was right it should be added to README, I already disabled SeLinux on my Centos 7 before I even see the real solution here.

PtrckM avatar Sep 02 '20 00:09 PtrckM

Happy to take a PR to add this to the README. Maybe against develop branch?

furlongm avatar Oct 09 '20 02:10 furlongm