Hide Forgot
tcp 1521 is the legacy Oracle port. Newer installations use tcp 2483, which is denied by the latest SELinux policy. 2484 is the new reserved port for Oracle over SSL. To Repro: 1) setsebool -P httpd_can_network_connect_db=1 2) Have a script attempt outbound connection on port 2483 and 2484 Suggested fix: Same as Bug 570481, add tcp 2483 and 2484 to the list. Workaround: httpd_can_network_connect=1 "works," but too permissively. Is there an upgrade-safe way for customers to customize the list of ports?
You can define these ports as mysql or postgresl ports. semanage port -a -t mysqld_port_t -p tcp 1521 semanage port -a -t mysqld_port_t -p tcp 2483 semanage port -a -t mysqld_port_t -p tcp 2484