portcon in a policy module?
Forrest Taylor
ftaylor at redhat.com
Mon Apr 30 14:53:28 UTC 2007
On Mon, 2007-04-30 at 10:47 -0400, rob myers wrote:
> hello-
>
> i tried to assign a port type in a policy module like so:
>
> portcon tcp 1521 system_u:object_r:oracle_port_t:s0;
>
> which fails unless i rebuild as a monolithic policy. should this fail
> or have i got something wrong?
Yes, portcon is only valid in the base module.
>
> i have found that using "semanage port -a -t oracle_port_t -p tcp 1521"
> in the rpm post install script works.
>
> what is the proper way to assign a port in a policy module?
This is the best way unless you are rebuilding the base module.
Forrest
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
Url : http://lists.fedoraproject.org/pipermail/selinux/attachments/20070430/6b318e0b/attachment.bin
More information about the selinux
mailing list