SELinux security alert/Squid -
Daniel J Walsh
dwalsh at redhat.com
Mon Feb 8 21:32:06 UTC 2010
On 02/08/2010 03:16 PM, Bob Goodwin wrote:
> On 08/02/10 13:23, Daniel J Walsh wrote:
>
> .
> Are you sure the boolean is turned on ?
>
> # getsebool squid_connect_any
> squid_connect_any --> off
>
> Once you have set the boolean on it should stay that way permanently if
> you use the -P flag
>
> # setsebool -P squid_connect_any 1
>
>
> --------------------------
>
> This is what I get:
>
>
> [bobg at box6 ~]$ getsebool squid_connect_any
> squid_connect_any --> on
>
> I guess that means it should work? It's not a big problem and only began
> yesterday [after an update?] It just puts a warning star at the bottom
> of my screen.
>
> Bob
>
>
>
>
> .--
>
>
Yes, this means that someone put a web sight at 8180, and now squid wants to connect to it. SELinux was preventing it.
More information about the users
mailing list