Displaying 1 result from an estimated 1 matches for "httpd_can_connect".
2017 Sep 29
1
[Fwd: Re: [HEADS UP] Default value of SELinux boolean httpd_graceful_shutdown will changed.]
...rts labeled as httpd_port_t.
Turning on httpd_can_network_connect you allow httpd_t domain connecting
to all ports from SELinux POV.
Right now, we ship selinux-policy with httpd_graceful_shutdown turned on
and httpd_can_network_connect turned off. But it's confusing for users
because they have httpd_can_connect turned off but httpd_t domain can
still connect co http_port_t ports becuase of httpd_gracefull_shudown.
I hope it's more clear now.
> Do I need to do anything in FreeIPA setup?
>
No if httpd_can_network_connect is enabled during FreeIPA setup, you
don't need to change anything.
L...