-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Joel Gomberg wrote: > Joel Gomberg wrote: >> My library uses port 8080 for accessing its catalog: >> >> http://oaklandlibrary.org:8080/ipac20/ipac.jsp?profile=#focus >> >> SELinux denies access. With setenforce=0, access is permitted, so I'm >> sure it's a SELinux issue. After perusing the SELinux FAQ, I issued >> this command: >> >> semanage port -a -p tcp -t http_port_t 8080. >> >> The response was that port 8080 was already defined. >> >> Suggestions are welcome. > > I forgot to include the relevant audit log entry: > > type=AVC msg=audit(1145058006.474:1026): avc: denied { name_connect } > for pid=13185 comm="privoxy" dest=8080 > scontext=system_u:system_r:privoxy_t:s0 > > -- > Joel > try: semanage port -l | grep 8080 you should see something like: http_cache_port_t tcp 3128, 8080, 8118 if you want to allow privoxy_t access to this port as well, you could attempt this: semanage port -m -p tcp -t privoxy_t 8080 notice the -m instead of the -a (you're modifying an already defined port, rather than adding a new one) see if that helps regards Stuart - -- Stuart Sears RHCA RHCX To err is human, to forgive is Not Company Policy. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org iD8DBQFEQPsnamPtx1brPQ4RAjB2AJ9j5i5EPpZPZxySTM6CDzaaHrFpwQCfQ1Q1 lOI4WHw3bMxQ0NU+6FyM/yU= =nMt+ -----END PGP SIGNATURE-----
