tomcat_t domain made confined in RHEL 7.4
Issue
- After updating the selinux-policy package to version 3.13.1-166.el7.noarch, tomcat service does not start any longer due to an AVC denial
- SELinux does not allow the tomcat service to start after update to RHEL 7.4
- SELinux denies the
setschedpermission for thetomcat_tdomain - SELinux denies
name_bindtojboss_management_port_tfortomcat_t - SELinux denies
name_connecttomssql_port_tfortomcat_t - SELinux denies
name_connecttomysql_port_tfortomcat_t - SELinux denies
name_bindaccess on thetcp_socketport8082 - tomcat fails to start via the tomcat-jsvc service startup due to selinux denials
- selinux blocks starting of the ocf:heartbeat:tomcat resource
Environment
RHEL 7.4
tomcat
selinux-policy-3.13.1-166.el7_4.4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
