Bug 1106330
Summary: | selinux prevents swift-container from connecting to TCP port 6002 | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 7 | Reporter: | Giulio Fidente <gfidente> | ||||
Component: | selinux-policy | Assignee: | Miroslav Grepl <mgrepl> | ||||
Status: | CLOSED ERRATA | QA Contact: | Karel Srot <ksrot> | ||||
Severity: | urgent | Docs Contact: | |||||
Priority: | urgent | ||||||
Version: | 7.0 | CC: | gfidente, lhh, mgrepl, mmalik, nlevinki, rhallise, tkammer, yeylon | ||||
Target Milestone: | beta | ||||||
Target Release: | 7.0 | ||||||
Hardware: | Unspecified | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | |||||||
: | 1109087 (view as bug list) | Environment: | |||||
Last Closed: | 2015-03-05 10:39:33 UTC | Type: | Bug | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Bug Depends On: | |||||||
Bug Blocks: | 1109087, 1111271 | ||||||
Attachments: |
|
Description
Giulio Fidente
2014-06-09 05:46:52 UTC
Created attachment 904770 [details]
AVC messages from audit.log
To start with, rsync_full_access needs to be set: # setsebool -P rsync_full_access 1 This part needs to be fixed in staypuft. Ports 6000, 6001, 6002 are all used by Swift. https://access.redhat.com/site/documentation/en-US/Red_Hat_Enterprise_Linux_OpenStack_Platform/5/html/Installation_and_Configuration_Guide/Configuring_the_Object_Storage_Service_Storage_Nodes.html So, these should be allowed. I added fixes to Fedora/RHEL7.1 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHBA-2015-0458.html |