selinux prevents tomcat from starting due to the setsched permission missing
Issue
- selinux does not allow the tomcat service to start
- selinux prevents
tomcat_t
domain from thesetsched
permission - After updating the selinux-policy package to version 3.13.1-166.el7.noarch, tomcat service does not start any longer due to an AVC denial
Environment
RHEL 7.4
selinux-policy-3.13.1-166.el7_4.4.noarch
tomcat-7.0.76-2.el7.noarch
java-1.8.0-ibm-1.8.0.4.10-1jpp.3.el7.x86_64
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.