diff options
-rw-r--r-- | pki/base/selinux/src/pki.if | 3 | ||||
-rw-r--r-- | pki/base/selinux/src/pki.te | 2 |
2 files changed, 4 insertions, 1 deletions
diff --git a/pki/base/selinux/src/pki.if b/pki/base/selinux/src/pki.if index 47e34e861..0709176ea 100644 --- a/pki/base/selinux/src/pki.if +++ b/pki/base/selinux/src/pki.if @@ -192,6 +192,9 @@ template(`pki_ca_template',` #connect to ldap corenet_tcp_connect_ldap_port($1_t) + # tomcat connects to ephemeral ports on shutdown + corenet_tcp_connect_all_unreserved_ports($1_t) + optional_policy(` #This is broken in selinux-policy we need java_exec defined, Will add to policy gen_require(` diff --git a/pki/base/selinux/src/pki.te b/pki/base/selinux/src/pki.te index f506553ee..7f6e65738 100644 --- a/pki/base/selinux/src/pki.te +++ b/pki/base/selinux/src/pki.te @@ -1,4 +1,4 @@ -policy_module(pki,10.0.1) +policy_module(pki,10.0.2) attribute pki_ca_config; attribute pki_ca_executable; |