First at all: I'm using targeted policy and
When my web application (using php) try to connect to postgresql
database I get:
*Warning*: pg_connect(): Unable to connect to PostgreSQL server: could
not connect to server: 8ïïï|
Is the server running locally and accepting
connections on Unix domain socket "/tmp/.s.PGSQL.5432"? in
*/var/www/html/encuesta/index.php* on line *7
*In dmesg I see:
audit(1100638278.903:0): avc: denied { connectto } for pid=2481
exe=/usr/sbin/httpd path=/tmp/.s.PGSQL.5432
scontext=user_u:system_r:httpd_t tcontext=user_u:system_r:unconfined_t
tclass=unix_stream_socke
and ls -laZ /tmp/s.PGSQL.5432 show:
srwxrwxrwx postgres postgres user_u:object_r:tmp_t /tmp/.s.PGSQL.5432
What can I do?
What if I append line "can_unix_connect(httpd_php_t, unconfined_t)" in
/etc/selinux/targeted/src/policy/domains/program/apache.te ? (What if I
don't want that 'httpd' can connect to other socks?).
Thanks in advance and excuse my english.
Ricardo.-
