squirrelmail not working after policy update
Daniel J Walsh
dwalsh at redhat.com
Tue Jun 21 11:04:16 UTC 2005
Bob Kashani wrote:
>On Mon, 2005-06-20 at 11:14 -0400, Daniel J Walsh wrote:
>
>
>>Bob Kashani wrote:
>>
>>
>>
>>>FC3 selinux-policy-targeted-1.17.30-3.9
>>>
>>>Arrgh...squirrelmail is not working. I ran audit2allow and it told me to
>>>add this:
>>>
>>>allow httpd_t self:tcp_socket connect;
>>>
>>>Which makes everything work now. Is this correct?
>>>
>>>Here is the AVC error that I was getting:
>>>
>>>Jun 17 18:32:26 sorcerer kernel: audit(1119058346.336:0): avc: denied
>>>{ connect } for pid=3388 exe=/usr/sbin/httpd
>>>scontext=user_u:system_r:httpd_t tcontext=user_u:system_r:httpd_t
>>>tclass=tcp_socket
>>>
>>>Bob
>>>
>>>
>>>
>>>
>>>
>>Set the boolean squid_connect_any
>>
>>setsebool -P squid_connect_any=1
>>
>>This will allow the above rule.
>>
>>
>
>It didn't work. :( I still get the same error. Also, I don't have squid
>installed...does that matter?
>
>Bob
>
>
>
SHould have said
httpd_can_network_connect
setsebool -P httpd_can_network_connect=1
Answering multiple bugs at the same time, sorry.
--
More information about the fedora-selinux-list
mailing list