Displaying 1 result from an estimated 1 matches for "httpd_port_t".
Did you mean:
http_port_t
2017 Sep 29
1
[Fwd: Re: [HEADS UP] Default value of SELinux boolean httpd_graceful_shutdown will changed.]
...onfused: disabling httpd_graceful_shutdown will have or
> wouldn't have an effect on httpd_can_network_connect being enabled?
>
httpd_graceful_shutdown is subset of httpd_can_network_connect.
Turning on httpd_graceful_shutdown you allow httpd_t domain connecting
just to ports labeled as httpd_port_t.
Turning on httpd_can_network_connect you allow httpd_t domain connecting
to all ports from SELinux POV.
Right now, we ship selinux-policy with httpd_graceful_shutdown turned on
and httpd_can_network_connect turned off. But it's confusing for users
because they have httpd_can_connect turned of...