5

I installed Ubuntu 15.04 and then installed selinux by doing sudo apt-get install selinux. I then did setsebool -P httpd_can_network_connect 0 and got a "Boolean httpd_can_network_connect is not defined" error.

I do getsebool -a | grep http and don't get any results back.

So it doesn't appear that I'm able to get this as an option let alone enable it on Ubuntu. Any ideas as to what I can do to get it working?

neubert

2 Answers

6

I just deployed an Ubuntu 15.04 image, and after apt-get update and installing SELinux, I too was unable to set that boolean as it is "Invalid".

getsebool -a | grep http shows that there are no policies including http, and this is despite having policycoreutils installed and updated.

My understanding is that this either has been removed from the Ubuntu package(s) going forward, or is not supported. (Don't they push AppArmor anyways?) Regardless of my speculation, scouring the 'net held no results in terms of "why" this boolean does not exist anymore.

My apologies for not having the answer you wanted to hear, but the above is the result of intense digging certainly!

theoden8
nthieling
1

You’ve not mentioned what policy set you’re using. httpd_can_network_connect comes from the SELinux Reference Policy by Tresys Technologies (which is the one that is enabled by default in CentOS, Fedora, and RHEL). I believe this policy set, including the httpd_can_network_connect boolean, is installed via the selinux-policy-default package in Ubuntu.

Daniel
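One way to tell apart the causes raised in this thread (SELinux not enabled, no policy loaded, or a loaded policy that lacks the boolean), as an added example that is not part of any post above. The function name diagnose_boolean and the sample sestatus/getsebool text are constructed for illustration; on a real host pass "$(sestatus)" and "$(getsebool -a)" instead.

```shell
#!/bin/sh
# Added example: explain why setsebool reports a boolean as undefined.
# diagnose_boolean is a hypothetical helper; sample inputs are constructed.

# Constructed sample of sestatus output with a policy named "default".
SAMPLE_STATUS='SELinux status:                 enabled
SELinuxfs mount:                /sys/fs/selinux
Loaded policy name:             default
Current mode:                   permissive'

# Constructed sample of getsebool -a output ("name --> on|off" per line).
SAMPLE_BOOLS='httpd_can_network_connect --> off
httpd_can_network_connect_db --> off'

# diagnose_boolean NAME SESTATUS_TEXT GETSEBOOL_TEXT
# Prints: selinux-disabled | no-policy | boolean-missing | defined:<on|off>
diagnose_boolean() {
    name=$1 status_text=$2 bools_text=$3

    # Without an enabled SELinux there are no booleans to query at all.
    state=$(printf '%s\n' "$status_text" |
        awk -F': *' '/^SELinux status:/ {print $2}')
    if [ "$state" != "enabled" ]; then
        echo "selinux-disabled"; return 1
    fi

    # Booleans are defined by the loaded policy, so one must be loaded.
    policy=$(printf '%s\n' "$status_text" |
        awk -F': *' '/^Loaded policy name:/ {print $2}')
    if [ -z "$policy" ]; then
        echo "no-policy"; return 1
    fi

    # Exact match on the name: a grep for "http" would also hit
    # httpd_can_network_connect_db and hide a missing boolean.
    value=$(printf '%s\n' "$bools_text" |
        awk -v n="$name" '$1 == n && $2 == "-->" {print $3}')
    if [ -z "$value" ]; then
        echo "boolean-missing"; return 1
    fi
    echo "defined:$value"
}

# Demo on the constructed samples.
diagnose_boolean httpd_can_network_connect "$SAMPLE_STATUS" "$SAMPLE_BOOLS"
```

A "boolean-missing" verdict with a policy loaded matches the situation in the question, where the installed policy set is the thing to check.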