selinux httpd_can_network_connect_db question
 

Hi everyone,

I have a question related to SELinux and in particular the httpd_can_network_connect_db flag.

I'm running fedora virtual machine inside a win 7 machine. About a year ago I installed phpMyAdmin and it ran without any problems. A week ago I tried going to http://localhost/phpMyAdmin and it gave me the following error (after entering the user and password into the login page of phpMyAdmin):

"2002 - The server is not responding (or the local MySQL server's socket is not correctly configured)"

The SELinux icon went on in the desktop. After searching on the web, I found that I can fix the problem with this command:

# setsebool -P httpd_can_network_connect_db on

After that I can go into phpMyAdmin without problems. Just to test it out, I turn off the flag with:

setsebool -P httpd_can_network_connect_db off

and I verified that the flag is indeed off:

# getsebool httpd_can_network_connect_db
httpd_can_network_connect_db --> off

However, even after a reboot and clearing my firefox history, I can still go phpMyAdmin without any error.

Here are my questions:

1. Why is it that I can go into phpMyAdmin a year ago without problems? There was no more updates to Fedora 14 I access phpMyAdmin last year. What could have caused the change?

2. Why is it that when I turn *off* httpd_can_network_connect_db (after turning it on) I can still run phpMyAdmin?

I just wanted to know in case this issue comes up again especially in later fedora releases.

Thanks for your replies.

-jon

Hi,

Have you checked your selinux status in fedora? If the Selinux status is in permissive mode then you can able to access the site, but if it is in enforcing mode then you have to enable the flag.

You can use -P option
 

Hi.

This post is old but is a reference from duckduckgo.com :), the answer is: setsebool -P httpd_can_network_connect_db on

Source: https://access.redhat.com/site/docum..._Booleans.html

Thanks a lot.