Skip to content
Advertisement

What configuration settings need to be done to fix Apache – MongoDB connectivity issues caused by SE Linux?

I have Apache 2.4 running on CentOS 7. SE Linux is enabled. The application uses Laravel (Lumen), and connects to MongoDB on another server. All our servers are in Google cloud.The applications fails to load the web page and lumen.log has errors like this lumen.ERROR: MongoDBDriverExceptionConnectionTimeoutException: No suitable servers found (serverSelectionTryOnceset): [Failed to resolve 'mongo.***.***'] in /var/www/***/vendor/mongodb/mongodb/src/Collection.php:612 If SE Linux is disabled, it works. I have the following sebools set

httpd_can_network_connect --> on
httpd_can_network_connect_db --> on
httpd_can_network_relay --> on

Anything else to be set? How to troubleshoot this?

Advertisement

Answer

I installed setroubleshoot and setools using
yum install setroubleshoot setools
and used it to analyze audit.log.
sealert -a /var/log/audit/audit.log
It turned out that apache was not able to read /etc/hosts and go to MongoDB server.
ls -lZ /etc/hosts -rw-r--r--. root root system_u:object_r:unlabeled_t:s0 /etc/hosts
Executing
restorecon /etc/hosts
Changed it to
-rw-r--r--. root root system_u:object_r:net_conf_t:s0 /etc/hosts
and fixed the issue.

User contributions licensed under: CC BY-SA
3 People found this is helpful
Advertisement