container-openvpn/docs/selinux.md

# For hosts that use SELinux

Try this [policy file](docker-openvpn.te)

Run these commands to compile and load it:

```
checkmodule -M -m -o docker-openvpn.mod docker-openvpn.te
semodule_package -o docker-openvpn.pp -m docker-openvpn.mod
sudo semodule -i docker-openvpn.pp
```

Also, some configurations don't allow containers to load kernel modules, so on the host run this:

```
sudo modprobe tun
```

So the container doesn't have to load the `tun` module.


# Still having issues?

In January 2016, Fedora based systems got an update that fixed an issue for labeling namespaced net objects under /proc
to fix, make sure that you have run `sudo dnf update` and you need to reboot to load the new policies
added docs for SELinux policy file 2016-02-10 18:34:35 +00:00			`# For hosts that use SELinux`

			`Try this [policy file](docker-openvpn.te)`

			`Run these commands to compile and load it:`

			```
			`checkmodule -M -m -o docker-openvpn.mod docker-openvpn.te`
			`semodule_package -o docker-openvpn.pp -m docker-openvpn.mod`
			`sudo semodule -i docker-openvpn.pp`
			```

Updated SELinux docs for hosts not allowing module loading 2016-02-23 18:05:13 +00:00			`Also, some configurations don't allow containers to load kernel modules, so on the host run this:`

			```
			`sudo modprobe tun`
			```

			So the container doesn't have to load the `tun` module.


added docs for SELinux policy file 2016-02-10 18:34:35 +00:00			`# Still having issues?`

Fix typo 2016-02-10 19:01:54 +00:00			`In January 2016, Fedora based systems got an update that fixed an issue for labeling namespaced net objects under /proc`
added docs for SELinux policy file 2016-02-10 18:34:35 +00:00			to fix, make sure that you have run `sudo dnf update` and you need to reboot to load the new policies