Bug 1152163
Summary: | dhcpd fails becuase of selinux violation | |||
---|---|---|---|---|
Product: | Red Hat OpenStack | Reporter: | Jeff Dexter <jdexter> | |
Component: | rhel-osp-installer | Assignee: | Mike Burns <mburns> | |
Status: | CLOSED EOL | QA Contact: | Omri Hochman <ohochman> | |
Severity: | high | Docs Contact: | ||
Priority: | high | |||
Version: | Foreman (RHEL 6) | CC: | benglish, dcleal, jmontleo, jrist, mburns, mgrepl, rhallise, rhos-maint, srevivo, sthirugn, stuart.stent | |
Target Milestone: | --- | Keywords: | ZStream | |
Target Release: | Installer | |||
Hardware: | All | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | Doc Type: | Bug Fix | ||
Doc Text: | Story Points: | --- | ||
Clone Of: | ||||
: | 1161537 (view as bug list) | Environment: | ||
Last Closed: | 2016-09-29 13:24:04 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 1158941, 1161537 |
Description
Jeff Dexter
2014-10-13 14:01:34 UTC
What version of selinux-policy and foreman-selinux are installed? I see the same problem here. selinux-policy-3.7.19-231.el6.noarch foreman-selinux-1.6.0.14-1.el6sat.noarch allow dhcpd_t self:capability chown; This already exists in rhel7. It just needs to be added to rhel6. Which version of the dhcp package are you using? I believe you can do this by installing RHEL 6.5, registering to 6Server, not updating, and then installing dhcp which grabs the latest 6.6 package with selinux-policy-3.7.19-260.el6.noarch: #!!!! This avc is allowed in the current policy allow dhcpd_t self:capability chown; Really the bug in my opinion is that the dhcp package doesn't require a new enough selinux-policy package *** Bug 1158941 has been marked as a duplicate of this bug. *** commit 30d7c568dcf280caa308292bdc8f00eff9b29eab Author: Lukas Vrabec <lvrabec> Date: Tue Apr 29 12:16:30 2014 +0200 Added chown capability to dhcpd_t domain Closing list of bugs for RHEL OSP Installer since its support cycle has already ended [0]. If there is some bug closed by mistake, feel free to re-open. For new deployments, please, use RHOSP director (starting with version 7). -- Jaromir Coufal -- Sr. Product Manager -- Red Hat OpenStack Platform [0] https://access.redhat.com/support/policy/updates/openstack/platform |