You discover that SELinux is blocking Apache (httpd_t) from opening a connection to a remote MySQL database on port 3306. Running getsebool shows that the httpd_can_network_connect_db boolean is currently off. The change must take effect immediately and remain in force after every reboot. Which single command best satisfies this requirement?
The -P option of setsebool tells the utility to write the new value to the on-disk policy so the change survives reboots; without -P the setting is only temporary. The correct invocation is therefore:
setsebool -P httpd_can_network_connect_db on
All other choices fail to meet at least one stated requirement:
Using setsebool without -P changes the value only for the running kernel and it reverts at boot.
getsebool merely queries booleans and cannot modify them.
The semanage boolean command shown lists booleans (-l) instead of modifying them, so the value is never changed.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is SELinux and why is it important?
Open an interactive chat with Bash
What does the -P option in setsebool do?
Open an interactive chat with Bash
What is the role of the httpd_can_network_connect_db boolean?
Open an interactive chat with Bash
CompTIA Linux+ XK0-006 (V8)
Security
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
IT & Cybersecurity Package Join Premium for Full Access