So I have this AVC:
avc: denied { name_connect } for pid=9045 comm="httpd" dest=9680 scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
which comes from a PHP script trying to open a socket. This is no big
deal. I believe that setting httpd_can_network_connect should fix it.
However, I was wondering if it's possible to restrict the destination
port to 9680, or restrict the destination host at all?
- J<
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
