SElinux stopping LVS from working with https
Posted
by
J Hoskins
on Server Fault
See other posts from Server Fault
or by J Hoskins
Published on 2012-09-13T22:09:18Z
Indexed on
2012/09/18
3:40 UTC
Read the original article
Hit count: 521
LVS/piranha is setup and trying to get it to balance https instead of http. Setup https testing with wget - idea from this link. Works when I do it at the command prompt. With SELinux enforcing, the wget fails to run due to the lack of access to /dev/random. (Error - Could not seed PRNG; consider using --random-file. Disabling SSL due to encountered errors.)
wget runs as system_u:system_r:piranha_lvs_t:s0 but the file/device /dev/random has system_u:object_r:random_device_t:s0 Also, wget is trying to getattr and read.
How do you allow wget to use /dev/random so it will do ssl?
© Server Fault or respective owner