Labelling a new port
Forrest Taylor
ftaylor at redhat.com
Thu Sep 6 21:51:31 UTC 2007
On Thu, 2007-09-06 at 14:18 -0700, Michael Thomas wrote:
> If you want to manage the port for a daemon that is started/stopped via
> an init script, then the best place to put the 'semanage port -a ...'
> command is in the init script itself. This will ensure that the port
> definition is set and removed when the daemon starts/stops. Putting it
> in the spec file and running at package install time is not enough
> because I don't believe that the semanage'd ports persist after a reboot.
Actually, the port does persist across a reboot, because semanage
rebuilds the binary policy (that's the reason that it takes so long to
run).
Forrest
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20070906/250af691/attachment.sig>
More information about the fedora-selinux-list
mailing list