2010/4/12 Marti, Robert <RJM002@xxxxxxxx>: > It opened the port as far as SELinux is concerned. Is the port firewalled off to localhost? > the port is not firewalled (not at the box level for sure), iptable shows: /sbin/iptables -L Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination and secondly I can (logged as Apache [given it a shell]) source the URL I want to opend without any problem. I did finally put SELinux completely off (/usr/sbin/setenforce 0) but I should consider the last option to just allow HTTPD to connect. > Rob Marti > > -----Original Message----- > From: redhat-list-bounces@xxxxxxxxxx [mailto:redhat-list-bounces@xxxxxxxxxx] On Behalf Of Johan Dindaine > Sent: Monday, April 12, 2010 8:24 AM > To: General Red Hat Linux discussion list > Subject: Re: SELinux dropping PHP Connection > > not in message but in /var/log/audit/audit.log > type=AVC msg=audit(1271075175.712:264486): avc: denied { > name_connect } for pid=31420 comm="httpd" dest=15000 > scontext=user_u:system_r:httpd_t:s0 > tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket > > I did run this command that has solved the problem: > /usr/sbin/semanage port -a -t http_port_t -p tcp 15000 > > but now I receive another error: > Warning: file_get_contents(http://localhost:15000/...) > [function.file-get-contents]: failed to open stream: Connection > refused > > The previous command should have opened port 15000 so how the > connection can be dropped now? > > 2010/4/12 Marti, Robert <RJM002@xxxxxxxx>: >> Anything showing up in /var/log/messages? >> >> Sent from my iPhone >> >> On Apr 12, 2010, at 7:48, "Johan Dindaine" <jojolapin972@xxxxxxxxx> >> wrote: >> >>> Good morning the list, >>> >>> I am managing a Red Hat server which has got a standar LAMP >>> environment (PHP 5.3 + MYSQL 5.1 + Apache 2.2.3). >>> When I am trying to parse files that are external to my network or out >>> of my virtual host I got this weird error message: >>> Warning: file_get_contents(http://localhost:15000/solr...) >>> [function.file-get-contents]: failed to open stream: Permission denied >>> I suspect that SELinux is dropping the connection as I haven't set up >>> any limitation at PHP level (safe_mode is Off and allow_url_fopen is >>> ON). >>> My question is how can I modify this setting to allow my script to >>> call this external URL? >>> >>> -- >>> redhat-list mailing list >>> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe >>> https://www.redhat.com/mailman/listinfo/redhat-list >> >> -- >> redhat-list mailing list >> unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe >> https://www.redhat.com/mailman/listinfo/redhat-list >> > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > > -- > redhat-list mailing list > unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe > https://www.redhat.com/mailman/listinfo/redhat-list > -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
