On Tue, 2008-09-30 at 08:41 -0400, Daniel J Walsh wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Arthur Pemberton wrote: > > On Mon, Sep 29, 2008 at 3:40 PM, Stephen Smalley <sds@xxxxxxxxxxxxx> wrote: > >> On Mon, 2008-09-29 at 15:31 -0500, Arthur Pemberton wrote: > >>> I'm getting an denial when I attempt o use port 23 as an additional > >>> port for sshd. That makes sense. What's the best way to define > >>> alternate SSHd ports? > >> semanage port -m -t ssh_port_t -p tcp 23 > > > > > > > > When trying this, I get: > > sealert -l 819f882a-3d08-41da-bc19-4168c9b8b4cb > > > > Even after doing that, I get this on `service sshd restart`: > > sealert -l 82267d8b-d557-4891-bdb0-26e0feb1e986 > > > > > Please send the output from that command, that number is only local to > your machine. Wondering if libsemanage does the right thing when the port already exists in the base policy, as in this case. It should override the base policy definition with the local one, but I'm not 100% sure it does. -- Stephen Smalley National Security Agency -- fedora-selinux-list mailing list fedora-selinux-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-selinux-list
