-1

How do I create a selinux policy to allow gunicorn to operate with nginx for a django managed web site? I know there's a way to do it, but don't understand selinux' arcane policy definitions --YES, I have read the documents.

If I disable selinux with "setenforce 0", then "systemctl start gunicorn" loads gunicorn. If selinux is set to enforcing (setenforce 1), the systemctl command fails. This is definitely a policy issue.

So, can anyone describe how to set the policy to allow gunicorn to load?

Improve this question
2
  • "the systemctl command fails" - unless you say what sort of failure that is (highly specific logs are emitted by systemd and selinux) and why the usual methods of creating or amending a policy have not worked out for you, there is not much specifics that can be answered her.
    – anx
    Commented Jun 4 at 18:18
  • Can you edit your question to add the output of journalctl -u gunicorn and audit2allow -a please, so we can better help you?
    – setenforce 1
    Commented Jun 4 at 18:53

0

Reset to default

You must log in to answer this question.

Browse other questions tagged .