I have Apache 2.4 running on CentOS 7. SE Linux is enabled. The application uses Laravel (Lumen), and connects to MongoDB on another server. All our servers are in Google cloud.The applications fails to load the web page and lumen.log has errors like this lumen.ERROR: MongoDBDriverExceptionConnectionTimeoutException: No suitable servers found (serverSelectionTryOnceset): [Failed to resolve 'mongo.***.***'] in /var/www/***/vendor/mongodb/mongodb/src/Collection.php:612
If SE Linux is disabled, it works. I have the following sebools set
httpd_can_network_connect --> on httpd_can_network_connect_db --> on httpd_can_network_relay --> on
Anything else to be set? How to troubleshoot this?
Advertisement
Answer
I installed setroubleshoot and setools using
yum install setroubleshoot setools
and used it to analyze audit.log.
sealert -a /var/log/audit/audit.log
It turned out that apache was not able to read /etc/hosts and go to MongoDB server.
ls -lZ /etc/hosts
-rw-r--r--. root root system_u:object_r:unlabeled_t:s0 /etc/hosts
Executing
restorecon /etc/hosts
Changed it to
-rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/hosts
and fixed the issue.