On Thu, 2013-06-27 at 13:40 +0200, Tim Verhoeven wrote:
On Thu, Jun 27, 2013 at 1:35 PM, Dominick Grift
<dominick.grift(a)gmail.com> wrote:
> On Thu, 2013-06-27 at 13:06 +0200, Tim Verhoeven wrote:
>
>> So how can I allow SELinux to let both openssh and proftpd use port 22
>> at the same time?
>
> Use audit2allow to allow the service(s) to operate on the port
I could do that if there would be any AVC denies in the audit log
about this, but there aren't any. So audit2allow does not help me
much.
Then use semodule -DB to build/install the policy without "dontaudit"
rules, and then reproduce the issue. Then look for related avc denials
again. After testing run semodule -B to build/install the policy with
"dontaudit" rules reinserted.
Regards,
Tim
--
Tim Verhoeven - tim.verhoeven.be(a)gmail.com - 0479 / 88 11 83
Hoping the problem magically goes away by ignoring it is the
"microsoft approach to programming" and should never be allowed.
(Linus Torvalds)