selinux prevents tomcat from starting due to the setsched permission missing

Solution Verified - Updated -

Issue

  • selinux does not allow the tomcat service to start
  • selinux prevents tomcat_t domain from the setsched permission
  • After updating the selinux-policy package to version 3.13.1-166.el7.noarch, tomcat service does not start any longer due to an AVC denial

Environment

RHEL 7.4
selinux-policy-3.13.1-166.el7_4.4.noarch
tomcat-7.0.76-2.el7.noarch
java-1.8.0-ibm-1.8.0.4.10-1jpp.3.el7.x86_64

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In