How can I use an selinux unused port

Brian Ginn BGinn at beyondtrust.com
Wed Sep 23 16:35:40 UTC 2009


I want to use port 60000 for a confined application that is not postgrey.

However port 60000 is "owned by" postgrey and I can't seem to get past that.

I don't want to add SELinux policy that allows my app to use postgrey's port,

I want my app to think the port is myapp_port_t.



Is there a way to free port 60000 from postgrey?



[root at domingo install]# netstat -an | grep 60000

[root at domingo install]# semanage port -l | grep 60000

postgrey_port_t                tcp      60000

[root at domingo install]# /usr/sbin/semanage port -d -t postgrey_port_t -p tcp 60000

/usr/sbin/semanage: Port tcp/60000 is defined in policy, cannot be deleted

[root at domingo install]#







Thanks,

Brian


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/fedora-selinux-list/attachments/20090923/c9bdf337/attachment.htm>


More information about the fedora-selinux-list mailing list