Recently while working on a CentOS 5.4 Apache web server I came across an interesting problem. The server was going to start connecting to a remote PostgreSQL server and leverage PHP to make the connection. However in looking at the logs I would see errors about the server not listening.
This was odd because if you tried to ping the machine or port on the server you would get a response. Then when I looked in /var/log/messages I noticed the SELinux logs:
Basically, SELinux was blocking the connection. Now you could go the throw the baby out with the bathwater route by just disabling SELinux:
But you are losing a really good security function for the sake of one problem.
The better and by far easier than writing a custom policy is just to enable the following Boolean: