Re: My first policy (memcached)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Konstantin Ryabitsev wrote:
> On 9/12/07, Daniel J Walsh <dwalsh@xxxxxxxxxx> wrote:
>> Do web applications communicate with this daemon over the network port?
> 
> Yes, normally via tcp. I don't think they actually use unix sockets.
> What kind of interface(s) would be useful for that?
> 
You need to define a port
type memcached_port_t;
port_type(memcached_port_t)
allow memcached_t memcached_port_t:tcp_socket name_bind;


Interfaces would be something like

interface(`memcached_port_connect'. `
	gen_require (`
		type memcached_port_t;
	')
	allow $1 memcached_port_t:tcp_port name_connect;
')

Finally need to execute

semanage port -a -m memcached_port_t -P tcp 11211

>> Please submit to upstream for approval, Then lets get it into fedora.
> 
> By upstream, do you mean the packager, or the very upstream?
> 
Either.  If the packager wants to ship it with his product all the better.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFG7u5RrlYvE4MpobMRArK1AKDjZ0NSoyeK6WrY9iF4Ora0iwztUACgp4zp
pVSCOBwM5Kp0FBoEQ7uH+4Y=
=SxRq
-----END PGP SIGNATURE-----

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list

[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux