PG Bug reporting form <noreply@postgresql.org> writes:
> Given that port 5123 is operative on the primary rather than the secondary,
> why should SELinux on the secondary be recording issues for port 5123 ?
This hardly seems like a bug. The entire *point* of SELinux is to prevent
daemon processes from doing unexpected things like connecting to ports
that they shouldn't.
> Issue is resolved by running "semanage port -a -t postgresql_port_t -p tcp
> 5123" on the secondary
And that's where you told SELinux it was okay. But I would not expect
the out-of-the-box configuration to allow this, and it didn't.
regards, tom lane