On Thu, 2013-06-27 at 13:40 +0200, Tim Verhoeven wrote:
On Thu, Jun 27, 2013 at 1:35 PM, Dominick Grift
> On Thu, 2013-06-27 at 13:06 +0200, Tim Verhoeven wrote:
>> So how can I allow SELinux to let both openssh and proftpd use port 22
>> at the same time?
> Use audit2allow to allow the service(s) to operate on the port
I could do that if there would be any AVC denies in the audit log
about this, but there aren't any. So audit2allow does not help me
Then use semodule -DB to build/install the policy without "dontaudit"
rules, and then reproduce the issue. Then look for related avc denials
again. After testing run semodule -B to build/install the policy with
"dontaudit" rules reinserted.
Tim Verhoeven - tim.verhoeven.be(a)gmail.com - 0479 / 88 11 83
Hoping the problem magically goes away by ignoring it is the
"microsoft approach to programming" and should never be allowed.