On 14/09/09 09:40, briaeros007 wrote:
Hello, First of all, i'm sorry if my questions is something "dumb". Here the context of my trouble : I have create a server with an php website. This php website use a postgresql db on the same server. I use a RHEL 5.3 and selinux with the policy "targeted". For the website to works properly, i must add the rules : "allow httpd_t postgresql_port_t:tcp_socket name_connect;" So now my problem is : If i update my server and the policy is updated : Is there a way to automatically add this (local) rule ? What i want to do is to use the rhel policy as a base, and to add my own local rules without the need to recompile them/add them manually at each update. I don't know if i'm very clear /o\
You probably don't need to add any rules at all. Try setting this boolean instead:
# setsebool -P httpd_can_network_connect_db=1 Paul. -- This message was distributed to subscribers of the selinux mailing list. If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with the words "unsubscribe selinux" without quotes as the message.
