On Thu, 2013-06-27 at 13:40 +0200, Tim Verhoeven wrote: > On Thu, Jun 27, 2013 at 1:35 PM, Dominick Grift > <dominick.grift@xxxxxxxxx> wrote: > > On Thu, 2013-06-27 at 13:06 +0200, Tim Verhoeven wrote: > > > >> So how can I allow SELinux to let both openssh and proftpd use port 22 > >> at the same time? > > > > Use audit2allow to allow the service(s) to operate on the port > > I could do that if there would be any AVC denies in the audit log > about this, but there aren't any. So audit2allow does not help me > much. > Then use semodule -DB to build/install the policy without "dontaudit" rules, and then reproduce the issue. Then look for related avc denials again. After testing run semodule -B to build/install the policy with "dontaudit" rules reinserted. > Regards, > Tim > > > -- > Tim Verhoeven - tim.verhoeven.be@xxxxxxxxx - 0479 / 88 11 83 > > Hoping the problem magically goes away by ignoring it is the > "microsoft approach to programming" and should never be allowed. > (Linus Torvalds) -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
