[Bug 164992] New: Mod_proxy does not work with SElinux default policy

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

I wonder whether this boolean should really just be "on" by default.

----- Forwarded message from bugzilla@xxxxxxxxxx -----

From: bugzilla@xxxxxxxxxx
To: jorton@xxxxxxxxxx
Date: Wed, 3 Aug 2005 08:02:27 -0400
Subject: [Bug 164992]  New: Mod_proxy does not work with SElinux default policy

Please do not reply directly to this email. All additional
comments should be made in the comments box of this bug report.




https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=164992

           Summary: Mod_proxy does not work with SElinux default policy
           Product: Fedora Core
           Version: fc4
          Platform: i386
        OS/Version: Linux
            Status: NEW
          Severity: low
          Priority: normal
         Component: httpd
        AssignedTo: jorton@xxxxxxxxxx
        ReportedBy: trash_alias@xxxxxxxx
   Estimated Hours: 0.0


>From Bugzilla Helper:
User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.10) Gecko/20050720 Fedora/1.0.6-1.1.fc4 Firefox/1.0.6

Description of problem:
Bad: mod_proxy fail if selinux is enabled

[Wed Aug 03 13:52:12 2005] [debug] proxy_http.c(67): proxy: HTTP: canonicalising URL //webmail.XXX.be/exchange/
[Wed Aug 03 13:52:12 2005] [debug] mod_proxy.c(419): Trying to run scheme_handler
[Wed Aug 03 13:52:12 2005] [debug] proxy_http.c(1062): proxy: HTTP: serving URL https://webmail.XXX.be/exchange/
[Wed Aug 03 13:52:12 2005] [debug] proxy_http.c(186): proxy: HTTP connecting https://webmail.XXX.be/exchange/ to webmail.XXX.be:443
[Wed Aug 03 13:52:12 2005] [debug] proxy_util.c(1139): proxy: HTTP: fam 2 socket created to
connect to webmail.XXX.be
Bad: [Wed Aug 03 13:52:12 2005] [error] (13)Permission denied: proxy: HTTP: attempt to connect to 123.123.123.123:443 (webmail.XXX.be) failed


Version-Release number of selected component (if applicable):
selinux-policy-targeted-1.25.3-9 httpd-2.0.54-10.1

How reproducible:
Always

Steps to Reproduce:
1.setenforce 1
2.access your http server configured ro reverse proxying
3.fail with message: BAD gateway
4. setenforce 0
5. it work.
  

Expected Results:  I would expect the default policy to allow proxying and Message is not explicit and I had to search a long time to understand....

Additional info:

-- 
Configure bugmail: https://bugzilla.redhat.com/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

----- End forwarded message -----

--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-selinux-list
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux