selinux blocking ganglia-web
Kevin H. Hobbs
hobbsk at ohio.edu
Fri Sep 28 18:25:29 UTC 2012
I just replaced the machine that runs ganglia.
httpd is being prevented from connecting to gmond.
All that is displayed is:
There was an error collecting ganglia data (127.0.0.1:8652): fsockopen
error: Permission denied
There's a message in /var/log/messages that blames selinux every time I
load the page.
and sealert says that I could change the behavior by setting
allow_ypbind or httpd_can_network_connect
allow httpd_t unreserved_port_t:tcp_socket name_connect;
I can see how letting httpd make arbitrary connections is bad, so how
can I punch a hole in the rule just for ganglia?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 251 bytes
Desc: OpenPGP digital signature
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20120928/8c4e4fae/attachment.sig>
More information about the users
mailing list