[RADIATOR] Running Radiator under SELinux?
A.L.M.Buxey at lboro.ac.uk
A.L.M.Buxey at lboro.ac.uk
Tue Jul 28 16:38:07 CDT 2015
Hi,
> > is it possible to run Radiator (newest version) on Linux (CentOS 7)
> > with SELinux enabled? Are there any special configurations or other
> > advices to consider? Or should we better disable SELinux?
>
> I'd say it is worth trying with SELinux enabled first. We have not
> looked throughly at this yet, but basic configuration seems to work. If
> you check radiusd_selinux(8) man page, many things apply to Radiator too.
$ getenforce
Enforcing
works fine here.
you will need to look at eg auditd and use tools such as audit2why etc to verify
when things fail.
I cant recall anything in particular that we had to do to get it working with SELinux...
we call some pre/post handler scripts, we call SSL code (RADSEC and dynamic server discovery
stuff)... if you are using an SQL system you MIGHT have further games.... or if you use the
web interface admin method you might have something to deal with there..
alan
More information about the radiator
mailing list