SELinux and Shorewall with IPSets
Mr Dash Four
mr.dash.four at googlemail.com
Wed Jun 30 20:56:24 UTC 2010
>>> hmm... i am not sure about this but maybe:
>>> role system_r types setfiles_mac_t;
>>> helps here..
>> What do you mean?
> Add that rule to the running policy:
> policy_module(myseutils, 1.0.0)
> type setfiles_mac_t;
> role system_r;
> role system_r types setfiles_mac_t;
> make -f /usr/share/selinux/devel/Makefile myseutils.pp
> sudo semodule -i myseutils.pp
> Again, this is a shot in the dark...
This did the trick - no errors and when I log in with qemu and type
"semanage port -l | grep ssh" I am getting my own port and nothing else
(I did just one modification to see whether it will work). Brilliant!
More information about the selinux