Re: SELinux upgrade

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On 01/19/2017 12:43 AM, Marcin Trendota wrote:
After recent system upgrade (this night) i lost access to two servers
through SSH, because of change in SELinux policy - i have ssh there on
different port and now it's gone.

Which release? I also run ssh on an alternate port on one host, and that host didn't break following yesterday's updates.

Can you get the AVCs from /var/log/audit/audit.log? What is currently the content of /etc/selinux/targeted/modules/active/ports.local? Does it describe the same ports as the output of "semanage port -l -C"?

Or maybe "semanage port -a -t ssh_port_t -p tcp port" isn't enough to
ensure persistency?


It should be.  You should see that port labeled in the file above.

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
https://lists.centos.org/mailman/listinfo/centos



[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux