Is sctp support planned?
#semanage port -a -t ssh_sctp_port_t -p sctp 22 /usr/sbin/semanage: Protocol udp or tcp is required
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Chuck Anderson wrote:
Is sctp support planned?
#semanage port -a -t ssh_sctp_port_t -p sctp 22 /usr/sbin/semanage: Protocol udp or tcp is required
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
TCP Port 22 is labeled ssh_port_t.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Chuck Anderson wrote:
On Tue, Apr 22, 2008 at 03:21:35PM -0400, Daniel J Walsh wrote:
TCP Port 22 is labeled ssh_port_t.
For TCP, yes. I need SCTP, a different IP protocol.
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
I have no idea if this is handled SCTP Are you seeing AVC messages?
You might want to bring this up for discussion on Developer list.
On Tue, 2008-04-22 at 15:42 -0400, Daniel J Walsh wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Chuck Anderson wrote:
On Tue, Apr 22, 2008 at 03:21:35PM -0400, Daniel J Walsh wrote:
TCP Port 22 is labeled ssh_port_t.
For TCP, yes. I need SCTP, a different IP protocol.
-- fedora-selinux-list mailing list fedora-selinux-list@redhat.com https://www.redhat.com/mailman/listinfo/fedora-selinux-list
I have no idea if this is handled SCTP Are you seeing AVC messages?
Should show up as name_bind checks on port_t:rawip_socket, as per: http://marc.info/?l=fedora-selinux-list&m=112806295900352&w=2
Policy toolchain doesn't presently allow specification of port contexts for anything other than udp or tcp, although I think the kernel side would support it just fine. So we'd need to update libsepol/libsemanage first, then adjust seobject.py to recognize "sctp". Along with checkpolicy.
selinux@lists.fedoraproject.org