lejeczek wrote:
dear all,
that really baffles me, I don't seem to be able to set it up :)
and that port by default in conf file??
setroubleshoot server should be able to listen on network so remote
sealert could connect to it, right?
on my boxes(f9;f10) it does even look like binding to a port
please advise
cheers
By default the connection between the server and client is local and is
implemented with a unix domain socket, not inet. This default is chosen
for security reasons with the consequence the client (sealert) can only
connect to the server (setroubleshootd) if they are running on the same
host. However, it is possible to configure setroubleshootd to accept
inet connections (see the comments in
/etc/setroubleshoot/setroubleshoot.cfg) so that a remote sealert can
connect to it. Be aware there is no authentication in this configuration
and as such you must be comfortable with anyone being able to access
your selinux denial information. For sealert to connect via inet to a
remote host use the "connect to" menu item in the "File" menu (going
from memory, the name might be slightly different). In the default local
case you should not need to do anything special, the default
configuration should just work.
--
John Dennis <jdennis@xxxxxxxxxx>
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
