On Mon, 2006-02-20 at 07:44 -0700, gf wrote:
Hi,
I am trying to update the httpd policy in selinux to allow access to port 8443.
I thought that I could add the line
portcon tcp 8443 system_u:object_r:http_port_t
to the file
/etc/selinux/targeted/src/policy/net_contents
and recompile.
My first step was to download the sources:
selinux-policy-targeted-sources-1.17.30-2.110.rpm
and install.
To check whether or not everthing was working, I tried the following
without altering any files:
[$ /etc/selinux/targeted/src/policy]:make load
mkdir -p /etc/selinux/targeted/policy
/usr/bin/checkpolicy -o /etc/selinux/targeted/policy/policy.18 policy.conf
/usr/bin/checkpolicy: loading policy configuration from policy.conf
tmp/program_used_flags.te:2:ERROR 'syntax error' at token
'/etc/selinux/targeted/src/policy/domains/program' on line 1164:
/etc/selinux/targeted/src/policy/domains/program
#line 1 "tmp/program_used_flags.te"
/usr/bin/checkpolicy: error(s) encountered while parsing configuration
make: *** [/etc/selinux/targeted/policy/policy.18] Error 1
Sounds like a bug in the policy Makefile in the generation of the
policy.conf file, as that string
('/etc/selinux/targeted/src/policy/domains/program') shouldn't appear in
it. Provide more context please, e.g. the lines around line 1164 of the
policy.conf file.
--
Stephen Smalley
National Security Agency