Bug 1447597
| Summary: | RFE : SELinux translator to support setting SELinux contexts on files in a glusterfs volume | ||
|---|---|---|---|
| Product: | [Community] GlusterFS | Reporter: | Niels de Vos <ndevos> |
| Component: | core | Assignee: | Jiffin <jthottan> |
| Status: | CLOSED CURRENTRELEASE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 3.11 | CC: | bugs, srangana |
| Target Milestone: | --- | Keywords: | FutureFeature, Triaged |
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | glusterfs-3.11.0 | Doc Type: | Enhancement |
| Doc Text: | Story Points: | --- | |
| Clone Of: | 1318100 | Environment: | |
| Last Closed: | 2017-05-30 18:51:45 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | 1318100 | ||
| Bug Blocks: | 1446928 | ||
|
Description
Niels de Vos
2017-05-03 09:44:26 UTC
Also needs a backport of https://review.gluster.org/6630 REVIEW: https://review.gluster.org/17157 (extras/hook-scripts: SELinux brick file context management scripts) posted (#1) for review on release-3.11 by Niels de Vos (ndevos) REVIEW: https://review.gluster.org/17159 (SELinux : implementation of SELinux translator) posted (#1) for review on release-3.11 by jiffin tony Thottan (jthottan) COMMIT: https://review.gluster.org/17159 committed in release-3.11 by Kaushal M (kaushal) ------ commit 845f67fce0aa17b5e10b80a4007d5d5c549084a0 Author: Manikandan Selvaganesh <mselvaga> Date: Wed Mar 16 21:37:22 2016 +0530 SELinux : implementation of SELinux translator The patch implement a part of SELinux translator to support setting SELinux contexts on files in a glusterfs volume. URL: https://github.com/gluster/glusterfs-specs/blob/master/accepted/SELinux-client-support.md Upstream reference : >Change-Id: Id8916bd8e064ccf74ba86225ead95f86dc5a1a25 >BUG: 1318100 >Fixes : #55 >Signed-off-by: Manikandan Selvaganesh <mselvaga> >Signed-off-by: Jiffin Tony Thottan <jthottan> >Signed-off-by: Niels de Vos <ndevos> >Reviewed-on: https://review.gluster.org/13762 >Smoke: Gluster Build System <jenkins.org> >NetBSD-regression: NetBSD Build System <jenkins.org> >CentOS-regression: Gluster Build System <jenkins.org> >Reviewed-by: Manikandan Selvaganesh <manikandancs333> >Reviewed-by: Atin Mukherjee <amukherj> Change-Id: Id8916bd8e064ccf74ba86225ead95f86dc5a1a25 BUG: 1447597 Signed-off-by: Jiffin Tony Thottan <jthottan> Reviewed-on: https://review.gluster.org/17159 Reviewed-by: Niels de Vos <ndevos> Smoke: Gluster Build System <jenkins.org> NetBSD-regression: NetBSD Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org> COMMIT: https://review.gluster.org/17157 committed in release-3.11 by Kaushal M (kaushal) ------ commit 3fe8119ed80d82d0a4ae5beba6b0712d0dda691b Author: Niels de Vos <ndevos> Date: Wed May 3 12:02:40 2017 +0200 extras/hook-scripts: SELinux brick file context management scripts The SELinux policy for gluster defines the glusterd_brick_t type to support server side SELinux (e.g., server side labels). Add convenience hook scripts that users/packagers can install to ensure that new bricks are labeled correctly. The volume create hook script adds a new SELinux file context for each brick path and runs a restorecon to label the brick. The volume delete hook removes the per-brick SELinux file context. Cherry picked from commit 859669759f7fa0f2114add13660ce3bf16c77f30: > Change-Id: I5f102db5382d813c4d822ff74e873a7a669b41db > BUG: 1047975 > Signed-off-by: Brian Foster <bfoster> > Signed-off-by: Niels de Vos <ndevos> > Signed-off-by: Jiffin Tony Thottan <jthottan> > Reviewed-on: https://review.gluster.org/6630 > Smoke: Gluster Build System <jenkins.org> > NetBSD-regression: NetBSD Build System <jenkins.org> > CentOS-regression: Gluster Build System <jenkins.org> > Reviewed-by: Kaleb KEITHLEY <kkeithle> Change-Id: I5f102db5382d813c4d822ff74e873a7a669b41db BUG: 1447597 Signed-off-by: Niels de Vos <ndevos> Reviewed-on: https://review.gluster.org/17157 Smoke: Gluster Build System <jenkins.org> NetBSD-regression: NetBSD Build System <jenkins.org> CentOS-regression: Gluster Build System <jenkins.org> Reviewed-by: jiffin tony Thottan <jthottan> This bug is getting closed because a release has been made available that should address the reported issue. In case the problem is still not fixed with glusterfs-3.11.0, please open a new bug report. glusterfs-3.11.0 has been announced on the Gluster mailinglists [1], packages for several distributions should become available in the near future. Keep an eye on the Gluster Users mailinglist [2] and the update infrastructure for your distribution. [1] http://lists.gluster.org/pipermail/announce/2017-May/000073.html [2] https://www.gluster.org/pipermail/gluster-users/ |