RE: SELinux dropping PHP Connection

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



It opened the port as far as SELinux is concerned.  Is the port firewalled off to localhost?

Rob Marti

-----Original Message-----
From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Johan Dindaine
Sent: Monday, April 12, 2010 8:24 AM
To: General Red Hat Linux discussion list
Subject: Re: SELinux dropping PHP Connection

not in message but in /var/log/audit/audit.log
type=AVC msg=audit(1271075175.712:264486): avc:  denied  {
name_connect } for  pid=31420 comm="httpd" dest=15000
scontext=user_u:system_r:httpd_t:s0
tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket

I did run this command that has solved the problem:
/usr/sbin/semanage port -a -t http_port_t -p tcp 15000

but now I receive another error:
Warning: file_get_contents(http://localhost:15000/...)
[function.file-get-contents]: failed to open stream: Connection
refused

The previous command should have opened port 15000 so how the
connection can be dropped now?

2010/4/12 Marti, Robert <RJM002@xxxxxxxx>:
> Anything showing up in /var/log/messages?
>
> Sent from my iPhone
>
> On Apr 12, 2010, at 7:48, "Johan Dindaine" <jojolapin972@xxxxxxxxx>
> wrote:
>
>> Good morning the list,
>>
>> I am managing a Red Hat server which has got a standar LAMP
>> environment (PHP 5.3 + MYSQL 5.1 + Apache 2.2.3).
>> When I am trying to parse files that are external to my network or out
>> of my virtual host I got this weird error message:
>> Warning: file_get_contents(http://localhost:15000/solr...)
>> [function.file-get-contents]: failed to open stream: Permission denied
>> I suspect that SELinux is dropping the connection as I haven't set up
>> any limitation at PHP level (safe_mode is Off and allow_url_fopen is
>> ON).
>> My question is how can I modify this setting to allow my script to
>> call this external URL?
>>
>> --
>> redhat-list mailing list
>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
>> https://www.redhat.com/mailman/listinfo/redhat-list
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

-- 
redhat-list mailing list
unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe
https://www.redhat.com/mailman/listinfo/redhat-list

[Index of Archives]     [CentOS]     [Kernel Development]     [PAM]     [Fedora Users]     [Red Hat Development]     [Big List of Linux Books]     [Linux Admin]     [Gimp]     [Asterisk PBX]     [Yosemite News]     [Red Hat Crash Utility]


  Powered by Linux