The jws5_tomcat_domain does not apply to the selinux boolean `tomcat_can_network_connect_db`. The jws5-tomcat-selinux package should have a similar policy to the RHEL Tomcat counterpart.
# sesearch -b tomcat_can_network_connect_db -AC Found 10 semantic av rules: DT allow tomcat_domain mssql_port_t : tcp_socket name_connect ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain oracle_client_packet_t : packet recv ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain oracle_client_packet_t : packet send ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain postgresql_port_t : tcp_socket name_connect ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain mssql_client_packet_t : packet recv ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain mssql_client_packet_t : packet send ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain mysqld_port_t : tcp_socket name_connect ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain mongod_port_t : tcp_socket name_connect ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain oracle_port_t : tcp_socket name_connect ; [ tomcat_can_network_connect_db ] DT allow tomcat_domain gds_db_port_t : tcp_socket name_connect ; [ tomcat_can_network_connect_db ]
- is blocked by
-
JWS-1363 JWS5 Zip install runs with unconfined SELinux context
- Closed