On Thu, 2007-09-06 at 14:18 -0700, Michael Thomas wrote:
If you want to manage the port for a daemon that is started/stopped via an init script, then the best place to put the 'semanage port -a ...' command is in the init script itself. This will ensure that the port definition is set and removed when the daemon starts/stops. Putting it in the spec file and running at package install time is not enough because I don't believe that the semanage'd ports persist after a reboot.
Actually, the port does persist across a reboot, because semanage rebuilds the binary policy (that's the reason that it takes so long to run).
Forrest