selinux prevents tomcat from starting due to the setsched permission missing

Solution Verified - Updated -

Issue

  • selinux does not allow the tomcat service to start
  • selinux prevents tomcat_t domain from the setsched permission
  • After updating the selinux-policy package to version 3.13.1-166.el7.noarch, tomcat service does not start any longer due to an AVC denial

Environment

RHEL 7.4
selinux-policy-3.13.1-166.el7_4.4.noarch
tomcat-7.0.76-2.el7.noarch
java-1.8.0-ibm-1.8.0.4.10-1jpp.3.el7.x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content