setroubleshoot server listens out on inet

John Dennis jdennis at redhat.com
Tue Mar 24 21:48:32 UTC 2009


lejeczek wrote:
> dear all,
> that really baffles me, I don't seem to be able to set it up :)
> and that port by default in conf file??
> setroubleshoot server should be able to listen on network so remote 
> sealert could connect to it, right?
> on my boxes(f9;f10) it does even look like binding to a port
> please advise
> cheers
>
By default the connection between the server and client is local and is 
implemented with a Unix domain socket, not inet. This default is chosen 
for security reasons, with the consequence that the client (sealert) can only 
connect to the server (setroubleshootd) if they are running on the same 
host. However, it is possible to configure setroubleshootd to accept 
inet connections (see the comments in 
/etc/setroubleshoot/setroubleshoot.cfg) so that a remote sealert can 
connect to it. Be aware there is no authentication in this configuration 
and as such you must be comfortable with anyone being able to access 
your SELinux denial information. For sealert to connect via inet to a 
remote host use the "connect to" menu item in the "File" menu (going 
from memory, the name might be slightly different). In the default local 
case you should not need to do anything special, the default 
configuration should just work.

-- 
John Dennis <jdennis at redhat.com>
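
Added example (not part of the original message and not setroubleshoot's own code): a check that classifies setroubleshootd's listening sockets from `ss` output, so an administrator can confirm whether the daemon is local-only or reachable over inet without authentication. The sample lines, the socket path and port 9999 are constructed placeholders.

```shell
#!/bin/sh
# Live use (as root, so the process column is filled in):
#   ss -H -l -t -x -p | classify_listeners

# Print one line per setroubleshootd listener: local, loopback or inet.
classify_listeners() {
    awk '
        index($0, "\"setroubleshootd\"") == 0 { next }   # some other daemon
        $1 == "u_str" { print "local " $5; next }         # unix domain socket
        $1 == "tcp" {
            if ($5 ~ /^127\./ || $5 ~ /^\[::1\]:/) print "loopback " $5
            else print "inet " $5                         # reachable from the network
        }
    '
}

# Return 0 when setroubleshootd has no network-reachable listener.
local_only() {
    ! classify_listeners | grep -q "^inet "
}

# Constructed sample: default configuration, unix domain socket only.
sample_default() {
    cat <<'EOF'
u_str LISTEN 0 5 /run/EXAMPLE/setroubleshoot.sock 20511 * 0 users:(("setroubleshootd",pid=2101,fd=4))
tcp LISTEN 0 128 0.0.0.0:22 0.0.0.0:* users:(("sshd",pid=1500,fd=3))
EOF
}

# Constructed sample: inet listening enabled (port 9999 is a placeholder).
sample_inet() {
    cat <<'EOF'
u_str LISTEN 0 5 /run/EXAMPLE/setroubleshoot.sock 20511 * 0 users:(("setroubleshootd",pid=2101,fd=4))
tcp LISTEN 0 5 0.0.0.0:9999 0.0.0.0:* users:(("setroubleshootd",pid=2101,fd=5))
EOF
}

for s in sample_default sample_inet; do
    echo "== $s"
    "$s" | classify_listeners
    if "$s" | local_only; then
        echo "result: local only"
    else
        echo "result: unauthenticated inet listener present"
    fi
done
```

Any `inet` line means SELinux denial data is readable by whoever can reach that address, so restrict it with a host firewall or return to the local default.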
