[Pki-devel] patch for review - https://bugzilla.redhat.com/show_bug.cgi?id=739708

Matthew Harmsen mharmsen at redhat.com
Tue Sep 27 18:01:15 UTC 2011


On 09/26/11 08:40, Ade Lee wrote:
> https://bugzilla.redhat.com/show_bug.cgi?id=739708 - pki-selinux lacks
> rules in F16
>
> This patch adds two of the three rules.
>
> The remaining one:
> allow pki_ca_t unreserved_port_t:tcp_socket name_connect;
>
> is still under investigation.  I have no idea why tomcat would be trying to
> connect to an ephemeral port (and I have not been able to reproduce on my
> system).  As far as I can tell, this happens on startup on Alexander's system
> -- but it does not affect the startup of the server.
>
> I'll keep looking for it.
>
> Please review.
>
> Ade
>
>
>    
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
>    
ACK
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20110927/b449b9a9/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5150 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20110927/b449b9a9/attachment.p7s>


More information about the Pki-devel mailing list