> From: Daniel J Walsh [mailto:dwalsh@xxxxxxxxxx] <snip> > > gen_requires(` > attribute port_type; > ') > > type crossfire_port_t, port_type; > > allow crossfire_t crossfire_port_t:udp_socket send_msg; allow > crossfire_t crossfire_port_t:tcp_socket name_bind; > > > > And in your install after the policy load > > semanage port -a -t crossfire_port_t -p tcp MYPORTNUM > semanage port -a -t crossfire_port_t -p udp MYPORTNUM > This looks fine to me. If we start doing this the rpm spec file should probably do it and should undo it on uninstall since the link will fail if the module is removed without these rules being removed. -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
