| Summary: | policy to allow CTDB make Samba run | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 7 | Reporter: | lejeczek <peljasz> | |
| Component: | selinux-policy | Assignee: | Lukas Vrabec <lvrabec> | |
| Status: | CLOSED INSUFFICIENT_DATA | QA Contact: | Milos Malik <mmalik> | |
| Severity: | high | Docs Contact: | ||
| Priority: | medium | |||
| Version: | 7.2 | CC: | lvrabec, mgrepl, mmalik, peljasz, plautrba, pvrabec, ssekidde | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | x86_64 | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | If docs needed, set a value | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 1394210 (view as bug list) | Environment: | ||
| Last Closed: | 2018-04-29 14:45:03 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Bug Depends On: | ||||
| Bug Blocks: | 1394210 | |||
Milos, Is this issue still valid? Our TC did not trigger any SELinux denials when executed on RHEL-7.4 machine with the latest selinux-policy, but the TC does not exercise CUPS in any way. Please attach SELinux denials that you encountered in described scenario. We want to make sure that all relevant SELinux denials are fixed. Based on no response. Closing this ticket. If you're still facing this issue feel free to re-open this bugzilla. Thanks, Lukas. ok |
Description of problem: after consulting selinux@list it was suggested to me that I should file this request here: ... > maybe I'll describe set of circumstances/settings (or maybe just one > setting) that should help you to reproduce this selinux problem? > I'll start with - Centos 7.2 + > selinux-policy-targeted-3.13.1-60.el7_2.9.noarch and then you want in > your /etc/sysconfig/ctdb CTDB_MANAGES_SAMBA=yes which means that ctdb > would be managing smb daemons. - you should see ctdb being unable to > copy smb.conf (during startup) and then to access cups and maybe some more. Ok it makes sense to have these rules in the distribution policy. .... many thanks Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info: