selinux blocking ganglia-web
Jack Craig
jack.craig.aptos at gmail.com
Fri Sep 28 18:34:50 UTC 2012
doesnt the selinux troubleshooter offer suggestions?
On Fri, Sep 28, 2012 at 11:25 AM, Kevin H. Hobbs <hobbsk at ohio.edu> wrote:
> I just replaced the machine that runs ganglia.
>
> httpd is being prevented from connecting to gmond.
>
> All that is displayed is:
>
> There was an error collecting ganglia data (127.0.0.1:8652): fsockopen
> error: Permission denied
>
> There's a message in /var/log/messages that blames selinux every time I
> load the page.
>
> and sealert says that I could change the behavior by setting
> allow_ypbind or httpd_can_network_connect
>
> allow httpd_t unreserved_port_t:tcp_socket name_connect;
>
> I can see how letting httpd make arbitrary connections is bad, so how
> can I punch a hole in the rule just for ganglia?
>
>
>
>
> --
> users mailing list
> users at lists.fedoraproject.org
> To unsubscribe or change subscription options:
> https://admin.fedoraproject.org/mailman/listinfo/users
> Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
> Have a question? Ask away: http://ask.fedoraproject.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20120928/f2f841f5/attachment-0001.html>
More information about the users
mailing list