Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 949258 Details for
Bug 1151647
SELinux: unable to install a custom policy because no datum for type nova_provider_t
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
updated custom policy
tripleo-selinux-keepalived.te (text/plain), 6.99 KB, created by
Richard Su
on 2014-10-22 05:58:44 UTC
(
hide
)
Description:
updated custom policy
Filename:
MIME Type:
Creator:
Richard Su
Created:
2014-10-22 05:58:44 UTC
Size:
6.99 KB
patch
obsolete
> >module tripleo-selinux-keepalived 1.0; > >require { > type haproxy_t; > type nova_api_t; > type initrc_t; > type snmpd_t; > type rabbitmq_epmd_t; > type dhcpc_t; > type nova_cert_t; > type openvswitch_t; > type nova_conductor_t; > type auditd_t; > type systemd_logind_t; > type httpd_t; > type cinder_scheduler_t; > type dnsmasq_t; > type mysqld_safe_t; > type rabbitmq_beam_t; > type getty_t; > type lvm_t; > type systemd_hostnamed_t; > type unconfined_t; > type sshd_net_t; > type crond_t; > type keystone_t; > type rpcbind_t; > type init_t; > type system_cronjob_t; > type mysqld_t; > type syslogd_t; > type rsync_t; > type swift_t; > type system_dbusd_t; > type nova_scheduler_t; > type cinder_volume_t; > type cinder_api_t; > type neutron_t; > type kernel_t; > type glance_api_t; > type mandb_t; > type cluster_t; > type nova_console_t; > type udev_t; > type glance_registry_t; > type sshd_t; > type ntpd_t; > type keepalived_t; > type rpcd_t; > type memcached_t; > type insmod_t; > type iptables_t; > type semanage_t; > type tgtd_t; > type file_t; > type systemd_tmpfiles_t; > type load_policy_t; > type setfiles_t; > type setsebool_t; > type rpm_t; > type netutils_t; > class process signull; > class capability kill; > class dir search; > class file { getattr read open }; >} > >#============= keepalived_t ============== ># killall denials ># https://bugs.launchpad.net/tripleo/+bug/1379079 ># https://bugzilla.redhat.com/show_bug.cgi?id=1145886 >allow keepalived_t auditd_t:dir search; >allow keepalived_t auditd_t:file { read getattr open }; >allow keepalived_t cinder_api_t:dir search; >allow keepalived_t cinder_api_t:file { read getattr open }; >allow keepalived_t cinder_scheduler_t:dir search; >allow keepalived_t cinder_scheduler_t:file { read getattr open }; >allow keepalived_t cinder_volume_t:dir search; >allow keepalived_t cinder_volume_t:file { read getattr open }; >allow keepalived_t cluster_t:dir search; >allow keepalived_t cluster_t:file { read getattr open }; >allow keepalived_t crond_t:dir search; >allow keepalived_t crond_t:file { read getattr open }; >allow keepalived_t dhcpc_t:dir search; >allow keepalived_t dhcpc_t:file { read getattr open }; >allow keepalived_t dnsmasq_t:dir search; >allow keepalived_t dnsmasq_t:file { read getattr open }; >allow keepalived_t getty_t:dir search; >allow keepalived_t getty_t:file { read getattr open }; >allow keepalived_t glance_api_t:dir search; >allow keepalived_t glance_api_t:file { read getattr open }; >allow keepalived_t glance_registry_t:dir search; >allow keepalived_t glance_registry_t:file { read getattr open }; >allow keepalived_t haproxy_t:dir search; >allow keepalived_t haproxy_t:file { read getattr open }; >allow keepalived_t haproxy_t:process signull; >allow keepalived_t httpd_t:dir search; >allow keepalived_t httpd_t:file { read getattr open }; >allow keepalived_t init_t:file { read getattr open }; >allow keepalived_t initrc_t:dir search; >allow keepalived_t initrc_t:file { read getattr open }; >allow keepalived_t insmod_t:dir search; >allow keepalived_t insmod_t:file { read getattr open }; >allow keepalived_t iptables_t:dir search; >allow keepalived_t iptables_t:file { read getattr open }; >allow keepalived_t kernel_t:dir search; >allow keepalived_t kernel_t:file { read getattr open }; >allow keepalived_t keystone_t:dir search; >allow keepalived_t keystone_t:file { read getattr open }; >allow keepalived_t load_policy_t:dir search; >allow keepalived_t load_policy_t:file { read getattr open }; >allow keepalived_t lvm_t:dir search; >allow keepalived_t lvm_t:file { read getattr open }; >allow keepalived_t mandb_t:dir search; >allow keepalived_t mandb_t:file { read getattr open }; >allow keepalived_t memcached_t:dir search; >allow keepalived_t memcached_t:file { read getattr open }; >allow keepalived_t mysqld_safe_t:dir search; >allow keepalived_t mysqld_safe_t:file { read getattr open }; >allow keepalived_t mysqld_t:dir search; >allow keepalived_t mysqld_t:file { read getattr open }; >allow keepalived_t netutils_t:dir search; >allow keepalived_t netutils_t:file { read getattr open }; >allow keepalived_t neutron_t:dir search; >allow keepalived_t neutron_t:file { read getattr open }; >allow keepalived_t nova_api_t:dir search; >allow keepalived_t nova_api_t:file { read getattr open }; >allow keepalived_t nova_cert_t:dir search; >allow keepalived_t nova_cert_t:file { read getattr open }; >allow keepalived_t nova_conductor_t:dir search; >allow keepalived_t nova_conductor_t:file { read getattr open }; >allow keepalived_t nova_console_t:dir search; >allow keepalived_t nova_console_t:file { read getattr open }; >allow keepalived_t nova_scheduler_t:dir search; >allow keepalived_t nova_scheduler_t:file { read getattr open }; >allow keepalived_t ntpd_t:dir search; >allow keepalived_t ntpd_t:file { read getattr open }; >allow keepalived_t openvswitch_t:dir search; >allow keepalived_t openvswitch_t:file { read getattr open }; >allow keepalived_t rabbitmq_beam_t:dir search; >allow keepalived_t rabbitmq_beam_t:file { read getattr open }; >allow keepalived_t rabbitmq_epmd_t:dir search; >allow keepalived_t rabbitmq_epmd_t:file { read getattr open }; >allow keepalived_t rpcbind_t:dir search; >allow keepalived_t rpcbind_t:file { read getattr open }; >allow keepalived_t rpcd_t:dir search; >allow keepalived_t rpcd_t:file { read getattr open }; >allow keepalived_t rpm_t:dir search; >allow keepalived_t rpm_t:file { read getattr open }; >allow keepalived_t rsync_t:dir search; >allow keepalived_t rsync_t:file { read getattr open }; >allow keepalived_t self:capability kill; >allow keepalived_t semanage_t:dir search; >allow keepalived_t semanage_t:file { read getattr open }; >allow keepalived_t setfiles_t:dir search; >allow keepalived_t setfiles_t:file { read getattr open }; >allow keepalived_t setsebool_t:dir search; >allow keepalived_t setsebool_t:file { read getattr open }; >allow keepalived_t snmpd_t:dir search; >allow keepalived_t snmpd_t:file { read getattr open }; >allow keepalived_t sshd_net_t:dir search; >allow keepalived_t sshd_net_t:file { read getattr open }; >allow keepalived_t sshd_t:dir search; >allow keepalived_t sshd_t:file { read getattr open }; >allow keepalived_t swift_t:dir search; >allow keepalived_t swift_t:file { read getattr open }; >allow keepalived_t syslogd_t:dir search; >allow keepalived_t syslogd_t:file { read getattr open }; >allow keepalived_t system_cronjob_t:dir search; >allow keepalived_t system_cronjob_t:file { read getattr open }; >allow keepalived_t system_dbusd_t:dir search; >allow keepalived_t system_dbusd_t:file { read getattr open }; >allow keepalived_t systemd_hostnamed_t:dir search; >allow keepalived_t systemd_hostnamed_t:file { read getattr open }; >allow keepalived_t systemd_logind_t:dir search; >allow keepalived_t systemd_logind_t:file { read getattr open }; >allow keepalived_t systemd_tmpfiles_t:dir search; >allow keepalived_t systemd_tmpfiles_t:file { read getattr open }; >allow keepalived_t tgtd_t:dir search; >allow keepalived_t tgtd_t:file { read getattr open }; >allow keepalived_t udev_t:dir search; >allow keepalived_t udev_t:file { read getattr open }; >allow keepalived_t unconfined_t:dir search; >allow keepalived_t unconfined_t:file { read getattr open };
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=949258">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 1151647
: 949258