From 5bc8a4c94d24b7ed7745396d4463d838eb9d4770 Mon Sep 17 00:00:00 2001
From: Jonathan Baecker <jb@pixelcrusher.de>
Date: Thu, 27 Aug 2020 13:33:23 +0200
Subject: [PATCH] fix message sending on centos

---
 README.md  | 4 +++-
 install.sh | 5 +++++
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index 43b4f56f..33c95a6b 100644
--- a/README.md
+++ b/README.md
@@ -4,7 +4,9 @@ ffplayout-gui
 This web GUI is for managing [ffplayout-engine](https://github.com/ffplayout/ffplayout-engine).
 For a better understanding about the functionality, take a look to the screenshots below.
 
-You can install it on a fresh debian/centos minimal like system with running `./install.sh` as root.
+You can install it on a fresh Debian/CentOS minimal like system with running `./install.sh` as root.
+
+**Recommend system is a current Debian version.**
 
 Updating is also possible with: `./install.sh update`
 
diff --git a/install.sh b/install.sh
index 90f77dbe..3a3f4e2e 100755
--- a/install.sh
+++ b/install.sh
@@ -366,6 +366,8 @@ module gunicorn 1.0;
 require {
     type init_t;
     type httpd_sys_content_t;
+    type unreserved_port_t;
+	class tcp_socket name_connect;
     type etc_t;
     type sudo_exec_t;
     class file { create execute execute_no_trans getattr ioctl lock map open read unlink write };
@@ -384,6 +386,9 @@ allow init_t httpd_sys_content_t:file { create execute execute_no_trans getattr
 #!!!! This avc is allowed in the current policy
 allow init_t httpd_sys_content_t:lnk_file { getattr read };
 
+#!!!! This avc can be allowed using the boolean 'nis_enabled'
+allow init_t unreserved_port_t:tcp_socket name_connect;
+
 #!!!! This avc is allowed in the current policy
 allow init_t sudo_exec_t:file { execute execute_no_trans map open read };
 EOF