Hi everyone!
Successfully installed osTicket v 1.16.3 on a Rocky Linux 9.
Followed this tutorial
which worked swimmingly.
Only problem though is with SELinux:
As long as it is in enforced mode, I'm not allowed to access the database. When I disable it temporarily, everything works fine. If I turn SELinux back on, I get a blank page. phpMyAdmin says "Permission Denied".
During the installation there were specific SELinux measures that had to be taken, which were these:
sudo setsebool -P httpd_can_network_connect 1
sudo semanage fcontext -a -t httpd_sys_rw_content_t "/var/www/osTicket(/.*)?"
sudo restorecon -Rv /var/www/osTicket/
But apparently that's not enough.
When I run:
ausearch -m avc -ts today | audit2why
I get this:
type=AVC msg=audit(1661930308.485:53): avc: denied { connectto } for pid=760 comm="php-fpm" path="/var/lib/mysql/mysql.sock" scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:system_r:unconfined_service_t:s0 tclass=unix_stream_socket permissive=0
Was caused by:
Missing type enforcement (TE) allow rule.
You can use audit2allow to generate a loadable module to allow this access.`
I would really like to keep SELinux running. Happy to provide any information necessary.
Thanks in advance for any help! 🙂
