apache mod_jk
Daniel J Walsh
dwalsh at redhat.com
Wed Jul 20 19:42:02 UTC 2005
Marko Bauhardt wrote:
> Hello all,
> i have a question about selinux and apache/mod_jk.
> I use Fedora Core 3.
> The apache runs flawless (The files in /var/www/html are available).
>
> But the connection to the tomcat dont work. The debug output in
> /var/log/messages:
> audit(1121888291.180:0): avc: denied { connect } for pid=3388
> exe=/usr/sbin/httpd scontext=root:system_r:httpd_t
> tcontext=root:system_r:httpd_t tclass=tcp_socket
>
> if i turned off the selinux with "setenforce 0",the jsps in the tomcat
> are available. But i think this is a bad workaround to set the enforce
> to 0. If i execute "setenforce 1" the connection to the tomcat fails.
> Exist another solution to connect the apache with the tomcat?
>
> Must i use the command chcon for the files in my tomcat?
>
> --
> fedora-selinux-list mailing list
> fedora-selinux-list at redhat.com
> http://www.redhat.com/mailman/listinfo/fedora-selinux-list
Set boolean httpd_can_network_connect to true.
setsebool -P httpd_can_network_connect=1
--
More information about the selinux
mailing list