I fixed some bugs related to selinux-policy from this thread and add couple of new ones from bugzilla.
Works for me.
@mlabbott .13.fc26 build fixing your issue.
Looks fine.
Kakoskin, Your issues are fixed in BZ.
This update has been unpushed.
LGTM
Works for me
LGTM
norenh, Agree this was caused by incomplete back-porting from rawhide branch. New build selinux-policy-3.13.1-128.28.fc22 fix this issue.
This update has been unpushed
@stevestorey,
tcp port 1234 is defined as monopd_port_t and commit for this is in repo from 2005-09-13 so, you cannot use -a in semanage becuase it's already defined.
lvrabec@lvrabec-workstation ~ » rpm -q selinux-policy selinux-policy-3.13.1-283.24.fc27.noarch lvrabec@lvrabec-workstation ~ » sudo semanage port -m -t ssh_port_t -p tcp 1234 1 ↵ lvrabec@lvrabec-workstation ~ » sudo semanage port -l | grep 1234
monopd_port_t tcp 1234 ssh_port_t tcp 1234, 22
After update...
lvrabec@lvrabec-workstation ~ » rpm -q selinux-policy
selinux-policy-3.13.1-283.26.fc27.noarch lvrabec@lvrabec-workstation ~ » sudo semanage port -m -t ssh_port_t -p tcp 1234
lvrabec@lvrabec-workstation ~ » sudo semanage port -l | grep 1234
monopd_port_t tcp 1234 ssh_port_t tcp 1234, 22
It looks like you have some custom modifications on your system (e.g: systemdmodules-syscapability) you are stopped by neverallow rule.
This is not issue in selinux-policy update but on your system.
Lukas.