- Log in to post comments
User bio
404 bio not found
Member since Aug 11, 2016
Posts:
Justin has not published any posts yet.
Replies:
httpd_sys_content_t only allows httpd to read the files. To read and write to them it should be httpd_sys_rw_content_t such as:
chcon -t httpd_sys_rw_content_t /opt/cspgateway/bin/CSP.log
chcon -t httpd_sys_rw_content_t /opt/cspgateway/bin/CSP.ini
- Log in to post comments
Certifications & Credly badges:
Justin has no Certifications & Credly badges yet.
Followers:
Justin has no followers yet.
Following:
Justin has not followed anybody yet.
In trying to run CSP and Cache on the same server I also ran into the issue that httpd was not being allowed to connect to port 1972. The quickest fix was to turn on the SELinux boolean allowing httpd to establish network connections:
setsebool -P httpd_can_network_connect on
A more security-restrictive option (that I haven't tested) may be to change the SELinux type of port 1972 from unreserved_port_t to http_port_t. But I'm not sure if this would have any other impact on Cache...
semanage port -m -t http_port_t -p tcp 1972