SELinux denies name_bind to jboss_management_port_t for tomcat_t

Solution Unverified - Updated -

Issue

  • Tomcat will not start due to SELinux denials related to JMX port
  • After upgrading from RHEL 7.3 to 7.4 tomcat will not start
type=AVC msg=audit(1505248782.641:3017): avc:  denied  { name_bind } for  pid=10189 comm="java" src=9999 scontext=system_u:system_r:tomcat_t:s0 tcontext=system_u:object_r:jboss_management_port_t:s0 tclass=tcp_socket

Environment

  • Red Hat Enterprise Linux 7.4
  • tomcat
  • selinux-policy-3.13.1-166.el7_4.4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In