[PATCH 2/2] Fix SELinux AVCs on paste hosts due to httpd trying to connect to mysql
Josh
jokajak at gmail.com
Sat Mar 16 01:17:08 UTC 2013
Yes please! audit2why (or maybe audit2allow) should recommend the same thing.
-josh
On Mar 15, 2013, at 5:54 PM, Kevin Fenzi <kevin at scrye.com> wrote:
> On Thu, 14 Mar 2013 08:58:38 +0000
> Mahrud Sayrafi <dinovirus+NOSPAM at gmail.com> wrote:
>
> ...snip...
>
>> + # Fix SELinux AVCs due to httpd trying to connect to mysql tcp port
>> + if ($operatingsystem == "RedHat" and $operatingsystemrelease >= 6)
>> {
>> + selinux-policy::custom { 'paste': }
>> + }
>> }
>>
>> # Proxy setup
>
> I think we could do this one via the httpd_can_network_connect_db
> selinux boolean?
>
> kevin
> _______________________________________________
> infrastructure mailing list
> infrastructure at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/infrastructure
More information about the infrastructure
mailing list