On 2/20/06, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote: > gf wrote: > > Hi, > > I am trying to update the httpd policy in selinux to allow access to port 8443. > > I thought that I could add the line > > portcon tcp 8443 system_u:object_r:http_port_t > > to the file > > /etc/selinux/targeted/src/policy/net_contents > > and recompile. > > > > My first step was to download the sources: > > selinux-policy-targeted-sources-1.17.30-2.110.rpm > > and install. > > > > To check whether or not everthing was working, I tried the following > > without altering any files: > > > > [$ /etc/selinux/targeted/src/policy]:make load > > mkdir -p /etc/selinux/targeted/policy > > /usr/bin/checkpolicy -o /etc/selinux/targeted/policy/policy.18 policy.conf > > /usr/bin/checkpolicy: loading policy configuration from policy.conf > > tmp/program_used_flags.te:2:ERROR 'syntax error' at token > > '/etc/selinux/targeted/src/policy/domains/program' on line 1164: > > /etc/selinux/targeted/src/policy/domains/program > > #line 1 "tmp/program_used_flags.te" > > /usr/bin/checkpolicy: error(s) encountered while parsing configuration > > make: *** [/etc/selinux/targeted/policy/policy.18] Error 1 > > > > > > I am a newbie with regard to selinux and would really appreciate some > > help diagnosing and correcting this error so that I can make my > > desired changes. > > > > I am using Scientific Linux 4 (a variant of RHEL4). > > > > Thanks for your help. > > > > > First can you upgrade to > > selinux-policy-targeted*1.17.30-2.126.rpm > THen try again. > > It is available on ftp://people.redhat.com/dwalsh/SELinux/RHEL4 > > You also need to grab the policycoreutils from there also. > > -g > > Hi, Thanks for the response. I downloaded the following files from the site you pointed to selinux-policy-targeted-1.17.30-2.126.noarch.rpm selinux-policy-targeted-sources-1.17.30-2.126.noarch.rpm policycoreutils-1.18.1-4.9.i386.rpm and upgraded my distribution. Before installing the *sources* rpm, I removed /etc/selinux/targeted/src completely to make sure that there were no residual edited files. Unfortunately, when I run 'make load', I run into the same problem as I described earlier. Do you have any other advice for things that I can try? Thanks. -g -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
