As I [mentioned earlier](http:\/\/jaredrobinson.com\/blog\/?p=87), upgrading from Fedora 6 to Fedora 7 broke FreeNX. A temporary solution was to disable SELinux. Here’s what allowed me to re-enable SELinux. First, I read the RHEL 5 SELinux guide to [building a local policy module](http:\/\/www.redhat.com\/docs\/manuals\/enterprise\/RHEL-5-manual\/Deployment_Guide-en-US\/sec-sel-building-policy-module.html). Next, I ran the following commands, as root:<\/p>\n
setenforce Enforcing
\n \/etc\/init.d\/auditd stop
\n mv \/var\/log\/audit\/audit.log \/var\/log\/audit.log.old
\n \/etc\/init.d\/auditd start<\/p>\n
At this point, I used an NX client to attempt to connect to my server, which failed. Then I did this:<\/p>\n
cd \/etc\/selinux
\n cat \/var\/log\/audit\/audit.log | audit2allow -M freenx
\n semodule -i freenx.pp<\/p>\n
At that point, my NX client allowed me to connect to the server. Here’s the freenx.te file that audit2allow created:<\/p>\n
module freenx 1.0;<\/p>\n
require {
\n type unconfined_t;
\n type lib_t;
\n class file execmod;
\n }<\/p>\n
#============= unconfined_t ==============
\n allow unconfined_t lib_t:file execmod;<\/p>\n","protected":false},"excerpt":{"rendered":"
As I [mentioned earlier](http:\/\/jaredrobinson.com\/blog\/?p=87), upgrading from Fedora 6 to Fedora 7 broke FreeNX. A temporary solution was to disable SELinux. Here’s what allowed me to re-enable SELinux. First, I read the RHEL 5 SELinux guide to [building a local policy module](http:\/\/www.redhat.com\/docs\/manuals\/enterprise\/RHEL-5-manual\/Deployment_Guide-en-US\/sec-sel-building-policy-module.html). Next, I ran the following commands, as root: setenforce Enforcing \/etc\/init.d\/auditd stop mv \/var\/log\/audit\/audit.log … <\/p>\n