Hello,
First, try setting SELinux in permissive mode globally to see if that changes anything:
root@host:# setenforce 0
The run your program and let it do what it wants to do. If you still get errors, then SELinux is not the issue(at least not the whole issue).
HTH
/tony
On Fri, 2 Dec 2022 11:24:53 +0100
Alessandro Baggi
Hi,
I'm running AlmaLinux 9.1 on VM to play with SELinux and trying to create a custom policy for an app. This app is written in Python and wait files to be processed (uploaded via sftp from another host). It read data from this file and then save them on postgresql DB. If something is wrong with the data, it will send an email.
I followed this:
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/htm...
Generating a custom policy, a permissive line is inserted in the policy:
permissive example_t;
that, if I'm not wrong, also if denials are found it runs the policy as permissive.
Commenting this line and reload the policy my program does not work anymore and I receive this error:
psycopg2.connect(127.0.0.1): could not receive data from server: Permission denied could not send SSL negotiation packet: Permission denied
The strange thing is that if I run:
# ausearch -m AVC -ts recent
I don't receive new denied AVC.
I tried also to read PostgreSQL side logs but nothing useful.
Can someone point me in the right direction?
Thank you in advance.
_______________________________________________ AlmaLinux Users mailing list -- users@lists.almalinux.org To unsubscribe send an email to users-leave@lists.almalinux.org
--
Tony Albers