[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: [Pki-devel] patch for review - https://bugzilla.redhat.com/show_bug.cgi?id=739708



On 09/26/11 08:40, Ade Lee wrote:
https://bugzilla.redhat.com/show_bug.cgi?id=739708 - pki-selinux lacks
rules in F16

This patch adds two of the three rules.  

The remaining one:
allow pki_ca_t unreserved_port_t:tcp_socket name_connect;

is still under investigation.  I have no idea why tomcat would be trying to
connect to an ephemeral port (and I have not been able to reproduce on my
system).  As far as I can tell, this happens on startup on Alexander's system
-- but it does not affect the startup of the server.

I'll keep looking for it.

Please review.

Ade


  
_______________________________________________ Pki-devel mailing list Pki-devel redhat com https://www.redhat.com/mailman/listinfo/pki-devel
ACK

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]