On Fr, 02.09.22 09:04, Ted Toth (txtoth@xxxxxxxxx) wrote: > I have set the type for the port in question using the 'semanage port' > command so the loaded policy has a type which systemd should use when > calling setsockcreatecon. It is my opinion that > socket_determine_selinux_label function should query policy for the > port type and if it has been set use it and if not fallback to its > current behavior. Sure, patch very welcome. SELinux code really requires external contributions, none of the core developers know SELinux too well to do feel confident to implement that. (consider filing an RFE issue on github, so that this is tracked) Lennart -- Lennart Poettering, Berlin
Re: socket activation selinux context on create
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- Subject: Re: socket activation selinux context on create
- From: Lennart Poettering <lennart@xxxxxxxxxxxxxx>
- Date: Fri, 2 Sep 2022 16:13:45 +0200
- Cc: systemd-devel@xxxxxxxxxxxxxxxxxxxxx
- In-reply-to: <CAFPpqQHpAoj7shew5LZJEoRHnJ-_FiDOX8fuVNW0cokZH=oKhg@mail.gmail.com>
- References: <CAFPpqQHS_v7gqXsdCpE3LXA4JzL=-K0U7Q9jiGY5EqT6XCoQbg@mail.gmail.com> <Ywc+pjOFkAEswVuQ@gardel-login> <CAFPpqQHpAoj7shew5LZJEoRHnJ-_FiDOX8fuVNW0cokZH=oKhg@mail.gmail.com>
- Follow-Ups:
- Re: socket activation selinux context on create
- From: Ted Toth
- Re: socket activation selinux context on create
- References:
- socket activation selinux context on create
- From: Ted Toth
- Re: socket activation selinux context on create
- From: Lennart Poettering
- Re: socket activation selinux context on create
- From: Ted Toth
- socket activation selinux context on create
- Prev by Date: Re: socket activation selinux context on create
- Next by Date: Re: Antw: Re: Antw: [EXT] [systemd‑devel] systemd‑tmpfiles: behavior of ‑‑clean
- Previous by thread: Re: socket activation selinux context on create
- Next by thread: Re: socket activation selinux context on create
- Index(es):
 |