curl http://example.com
data retrieved ok
sudo -u apache curl http://example.com
20 seconds later
curl: (7) couldn't connect to host
What would cause this, and how can I change it? I'm running some code as apache (mostly due to file permissions), and that code needs to be able to connect to another server.
Based on another question (Block outgoing connections for certaing uids (root, apache, nobody)) I thought maybe the answer would be in /etc/iptables, but that file doesn't use -m owner:
# Firewall configuration written by system-config-firewall
# Manual customization of this file is not recommended.
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT
-A INPUT -m state --state NEW -p tcp --dport 443 -j ACCEPT
-A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -m state --state NEW -m tcp -p tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
-A FORWARD -j REJECT --reject-with icmp-host-prohibited
COMMIT
SELinux is in permissive mode, as far as I can tell:
cat /selinux/enforce
0
What else could be causing this? RHEL 6.2.