-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Jason L Tibbitts III wrote:
> So I have this AVC:
>
> avc: denied { name_connect } for pid=9045 comm="httpd" dest=9680 scontext=user_u:system_r:httpd_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket
>
> which comes from a PHP script trying to open a socket. This is no big
> deal. I believe that setting httpd_can_network_connect should fix it.
> However, I was wondering if it's possible to restrict the destination
> port to 9680, or restrict the destination host at all?
>
> - J<
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-selinux-list
Hope you don't mind but I answered in my blog.
http://danwalsh.livejournal.com/12928.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org
iD8DBQFG+DJbrlYvE4MpobMRAiH4AJ4u6HrNAnDB1Yp5gjWdMOlx6KwHwQCguAcA
h5GSxWz/Qp2XcGIdwJIDZrA=
=waZt
-----END PGP SIGNATURE-----
--
fedora-selinux-list mailing list
fedora-selinux-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-selinux-list
