Changes between Version 30 and Version 31 of Clients/HTML5

Timestamp:

06/18/20 06:20:59 (10 months ago)

Author:

Antoine Martin

Comment:

--

Clients/HTML5

@@ -18 +18 @@
 * to use an [https://www.nginx.com/ nginx] web server as proxy see here: [/wiki/Nginx]
 * using [https://httpd.apache.org/ apache] as proxy: [/wiki/Apache]
+
+[[BR]]
+
+
+=== SELinux and Proxies ===
+On some distributions (ie: Fedora, RHEL / CentOS), SELinux may block the connection from the web server to the xpra server port.
+There are at least 3 solutions to this problem, from the most secure to the least:
+* add a policy to allow apache to connect only to the xpra port:
+{{{
+require {
+        type httpd_t;
+        type xpra_port_t;
+        class tcp_socket name_connect;
+}
+allow httpd_t xpra_port_t:tcp_socket name_connect;
+}}}
+* allow apache to connect to all ports:
+{{{
+setsebool -P httpd_can_network_connect on
+}}}
+* disable SELinux
 }}}