I have accidentally found out that man pages included selinux-policy do not necessarily reflect the policy itself. $ man ricci_selinux > [...] > SELinux defines port types to represent TCP and UDP ports. > > You can see the types associated with a port by using the following > command: > > semanage port -l > > Policy governs the access confined processes have to these ports. > SELinux ricci policy is very flexible allowing users to setup their > ricci processes in as secure a method as possible. > > The following port types are defined for ricci: > > ricci_modcluster_port_t > > Default Defined Ports: > tcp 8021 > [...] This does not reflect a real state as modcluster uses port 16851 as is also contained in the policy. Please make the selinux-policy man pages reflect the actual policy that is included in the same package. $ rpm -qf /usr/share/man/man8/ricci_selinux.8.gz selinux-policy-3.7.19-154.el6.noarch
I need to regenerate them for RHEL6.4
*** Bug 891986 has been marked as a duplicate of this bug. ***
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-0314.html