• 1

delete vs. modify port types?


But why do you have to modify that port association of port 8008 being a http_port_t to an unreserved port and not just delete the whole http_port_t association? That seems more natural, since port 8008 is already in the unreserved_port_t range?


Re: delete vs. modify port types?

The tool chain can not handle it. If a port definition comes from the base policy , the tool chain does not allow semanage to delete it. You can only modify it to a type that confined domains do not have access to.

  • 1

Log in