mirror of
https://github.com/nsacyber/HIRS.git
synced 2024-12-29 17:28:57 +00:00
6847c814af
The CentOS7 package selinux-policy-targeted does not allow Tomcat to use port 3306, which is the default MySQL port. This commit changes the ACA RPM to modify the SELinux policy to grant that permission on fresh installs. This makes the ACA RPM now require the policycoreutils package to be installed.
14 lines
256 B
Plaintext
14 lines
256 B
Plaintext
|
|
module tomcat-mysql-hirs 1.0;
|
|
|
|
require {
|
|
type mysqld_port_t;
|
|
type tomcat_t;
|
|
class tcp_socket name_connect;
|
|
}
|
|
|
|
#============= tomcat_t ==============
|
|
|
|
#!!!! This avc is allowed in the current policy
|
|
allow tomcat_t mysqld_port_t:tcp_socket name_connect;
|