summaryrefslogtreecommitdiffstats
path: root/pki
diff options
context:
space:
mode:
Diffstat (limited to 'pki')
-rw-r--r--pki/base/selinux/src/pki.if3
-rw-r--r--pki/base/selinux/src/pki.te2
2 files changed, 4 insertions, 1 deletions
diff --git a/pki/base/selinux/src/pki.if b/pki/base/selinux/src/pki.if
index 47e34e861..0709176ea 100644
--- a/pki/base/selinux/src/pki.if
+++ b/pki/base/selinux/src/pki.if
@@ -192,6 +192,9 @@ template(`pki_ca_template',`
#connect to ldap
corenet_tcp_connect_ldap_port($1_t)
+ # tomcat connects to ephemeral ports on shutdown
+ corenet_tcp_connect_all_unreserved_ports($1_t)
+
optional_policy(`
#This is broken in selinux-policy we need java_exec defined, Will add to policy
gen_require(`
diff --git a/pki/base/selinux/src/pki.te b/pki/base/selinux/src/pki.te
index f506553ee..7f6e65738 100644
--- a/pki/base/selinux/src/pki.te
+++ b/pki/base/selinux/src/pki.te
@@ -1,4 +1,4 @@
-policy_module(pki,10.0.1)
+policy_module(pki,10.0.2)
attribute pki_ca_config;
attribute pki_ca_executable;
generated by cgit (git 2.34.1) at 2024-09-17 03:38:47 +0000