2006/7/4, Paul Howarth <paul@xxxxxxxxxxxx>:
On Mon, 2006-07-03 at 18:35 -0300, Clodoaldo Pinto wrote:
> FC5 SELinux prevents php from connecting to postgresql.
>
> I had a hard time trying to figure out why I could not connect from
> php to postgres locally in a new and patched FC5 box, although I could
> connect to that same postgres server and with the same user from
> another box (FC3).
>
> >From /var/log/messages:
>
> kernel: audit(1151945653.900:39): avc: denied { name_connect } for
> pid=17167 comm="httpd" dest=5432 scontext=user_u:system_r:httpd_t:s0
> tcontext=system_u:object_r:postgresql_port_t:s0 tclass=tcp_socket
Try:
# setsebool -P httpd_can_network_connect_db 1
Thank you Paul. I had already solved it when I posted using the
instructions here:
http://fedora.redhat.com/docs/selinux-faq-fc5/#id2961385
Your suggestion seems much simpler. Is it permanent? Where can a
SEBolls list be found?
I just posted this to alert others who could fall in the same problem.
BTW, why is httpd prevented to connect to postgres (the only db I
tested until now) as default? Is it a bug?
Regards, Clodoaldo Pinto
