Re: [PATCH 2/2] Fix SELinux AVCs on paste hosts due to httpd trying to connect to mysql

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Yes please!  audit2why (or maybe audit2allow) should recommend the same thing.

-josh
On Mar 15, 2013, at 5:54 PM, Kevin Fenzi <kevin@xxxxxxxxx> wrote:

> On Thu, 14 Mar 2013 08:58:38 +0000
> Mahrud Sayrafi <dinovirus+NOSPAM@xxxxxxxxx> wrote:
> 
> ...snip...
> 
>> +  # Fix SELinux AVCs due to httpd trying to connect to mysql tcp port
>> +  if ($operatingsystem == "RedHat" and $operatingsystemrelease >= 6)
>> {
>> +    selinux-policy::custom { 'paste': }
>> +  }
>> } 
>> 
>> # Proxy setup
> 
> I think we could do this one via the httpd_can_network_connect_db
> selinux boolean?
> 
> kevin
> _______________________________________________
> infrastructure mailing list
> infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure

_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure
[Index of Archives]     [Fedora Development]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [KDE Users]

  Powered by Linux