On 09/29/2012 06:59 AM, Daniel J Walsh wrote:
Sometimes those reports are worth reading...
Yes, yes they are.
I should have piped it to less.
The specific solution was at the top where it's the first thing
the reader sees in a pager like less or in the GUI selinux
debugger. This is the correct placement.
I missed the specific solution the first time I read the message
because I read from bottom to top as I scrolled backwards through
my terminal output where I saw first a description of how to let
httpd make arbitrary connections (bad), followed by some very
general information about the selinux alert itself, where I
stopped reading.
Google was _very_ unhelpful on the subject of selinux, ganglia,
and httpd. All I got were recommendations for some cluster suit
that selinux had to be disabled entirely (it does not.)
Dear Google,
The command :
semanage port -a -t http_port_t -p tcp 8652
allows httpd to talk to ganglia's gmetad despite the selinux
restriction on httpd making arbitrary connections.
I misspelled gmetad in the earlier message.