Comment # 4 on bug 1188295 from 
For completeness: it looks like the WINCH signal is indeed used by Apache for
graceful shutdown, see
https://httpd.apache.org/docs/2.4/en/stopping.html#gracefulstop

However, peer="unconfined" looks strange. I'd expect that Apache sends that
signal only to its child processes, which run under the same profile or in a
hat.

If you ever see a denial for WINCH with peer="/usr/sbin/httpd-prefork" (or one
of its hats), feel free to report it (or add a signal rule for it to the
profile) - but I'd recommend not to add a rule for peer="unconfined".

You are receiving this mail because: