Re: SELinux alerts

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



>>>>> "Tim" == Tim  <ignored_mailbox@xxxxxxxxxxxx> writes:

    Tim> On Sat, 2008-01-26 at 06:49 +0000, Colin Paul Adams wrote:
    >> I just installed (via yum) and started squid.
    >> 
    >> I then noticed I had some SELinux alert

    Tim> Have you configured SELinux to allow Squid?  The default was,
    Tim> and probably still is, not to allow Squid to use the network
    Tim> until you explicitly allow it.

    Tim> There's a SELinux management tool that lets you easily tweak
    Tim> the booleans.

I found it now.

The boolean for squid reads:

Allow squid to connect to all ports, not just HTTP, FTP and Gopher.

It is not checked. I'm not sure that I want to check it. I would first
like to know what squid was trying to connect to. The alert did not
tell me that (at least, if it did, i didn't understand it).

Is there a way I can find out which port was being accessed?
Hm. It doesn't mention HTTPS, but maybe that is subsumed by HTTP.
-- 
Colin Adams
Preston Lancashire


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux