+##
## Allow httpd daemon to change its resource limits
##
##
@@ -1009,6 +1016,10 @@ logging_send_syslog_msg(httpd_helper_t)
userdom_use_inherited_user_terminals(httpd_helper_t)
+tunable_policy(`httpd_verify_dns',`
+ corenet_udp_bind_all_ephemeral_ports(httpd_t)
+')
+
tunable_policy(`httpd_run_stickshift', `
allow httpd_t self:capability { fowner fsetid sys_resource };
dontaudit httpd_t self:capability sys_ptrace;