Re: SELinux blocks my library catalog

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Joel Gomberg wrote:
> Joel Gomberg wrote:
>> My library uses port 8080 for accessing its catalog:
>>
>> http://oaklandlibrary.org:8080/ipac20/ipac.jsp?profile=#focus
>>
>> SELinux denies access.  With setenforce=0, access is permitted, so I'm
>> sure it's a SELinux issue.  After perusing the SELinux FAQ, I issued
>> this command:
>>
>> semanage port -a -p tcp -t http_port_t 8080.
>>
>> The response was that port 8080 was already defined.
>>
>> Suggestions are welcome.
> 
> I forgot to include the relevant audit log entry:
> 
> type=AVC msg=audit(1145058006.474:1026): avc:  denied  { name_connect }
> for  pid=13185 comm="privoxy" dest=8080
> scontext=system_u:system_r:privoxy_t:s0
> 
> -- 
> Joel
> 
try:
semanage port -l | grep 8080

you should see something like:
http_cache_port_t              tcp      3128, 8080, 8118

if you want to allow privoxy_t access to this port as well, you could
attempt this:
semanage port -m -p tcp -t privoxy_t 8080

notice the -m instead of the -a (you're modifying an already defined
port, rather than adding a new one)

see if that helps

regards

Stuart
- --
Stuart Sears RHCA RHCX
To err is human, to forgive is Not Company Policy.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org

iD8DBQFEQPsnamPtx1brPQ4RAjB2AJ9j5i5EPpZPZxySTM6CDzaaHrFpwQCfQ1Q1
lOI4WHw3bMxQ0NU+6FyM/yU=
=nMt+
-----END PGP SIGNATURE-----


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux