Dnia 03/08/2006 07:11 PM, Użytkownik Stephen Smalley napisał:
Needs to go in net_contexts, and put before the catchall cases for
reserved_port_t.
Thanks, it works but I wanted to avoid modifying this file. Does that
mean that I will need to edit it after every
selinux-policy-targetes-sources update? (I can use ftp port > 1023 so
this entry wouldn't need to be placed before reserved_port_t)
In FC5, you'll have much nicer options for such customization via
semanage without needing policy sources at all.
Yes, it's more user friendly :D I've just tested it on my rawhide box.
semanage man page sucks a bit (no examples), so it took me few minutes
to construct this command:
semanage port -a -t ftp_port_t -p tcp 7777
Actually, it was unnecessary on FC5 ;-) It seems that SELinux policy
does not block vsftpd from binding to other ports (or my system is
broken?). I'm using selinux-policy-targeted-2.2.23-6 it if makes any
differance.
I had to modify http_port_t to allow Apache to work on 81 port, though...
--
^_*
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
