Description of problem: We decided not to just claim a random TCP port, but use something more standard. It turns out that the 'websm' (or Web System Manager) port 9090 is available for Cockpit to use. So we would like to change the selinux policy on Fedora 21, Fedora Rawhide, and RHEL 7.x (and atomic) to include an definition for the websm port, and change the cockpit policy to use that.
5b44d01a1021d2ec3f9c1e1323c298ef1467db2f fixes this in git.
Please note that this change has already been tagged into Rawhide and F21, and is already in those branches since August 18th. So since this has already been merged for F21 and Rawhide, I think we can close this bug?
selinux-policy-3.13.1-77.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/selinux-policy-3.13.1-77.fc21
Package selinux-policy-3.13.1-77.fc21: * should fix your issue, * was pushed to the Fedora 21 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing selinux-policy-3.13.1-77.fc21' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2014-9873/selinux-policy-3.13.1-77.fc21 then log in and leave karma (feedback).
selinux-policy-3.13.1-78.fc21 has been submitted as an update for Fedora 21. https://admin.fedoraproject.org/updates/selinux-policy-3.13.1-78.fc21
selinux-policy-3.13.1-78.fc21 has been pushed to the Fedora 21 stable repository. If problems still persist, please make note of it in this bug report.
Port 9090 is a _very_ bad idea. That is already taken by a _lot_ of applications. Now I have to go a de-conflict the cockpit port. And I just can't seem to find how to do that...
(In reply to Ferry Huberts from comment #7) > Port 9090 is a _very_ bad idea. > That is already taken by a _lot_ of applications. > Now I have to go a de-conflict the cockpit port. > And I just can't seem to find how to do that... Any memorable port will have this problem for someone somewhere. Lets make it easier to change the port. We'll track that in bug #1173342