Bug 1460654

Summary: Remove Glusterd SELinux module from Distribution policy
Product: Red Hat Enterprise Linux 7 Reporter: Lukas Vrabec <lvrabec>
Component: selinux-policyAssignee: Lukas Vrabec <lvrabec>
Status: CLOSED WONTFIX QA Contact: Milos Malik <mmalik>
Severity: high Docs Contact:
Priority: unspecified    
Version: 7.5CC: hhan, lmen, lvrabec, mchangir, mgrepl, mmalik, plautrba, pvrabec, ssekidde, xuzhang, yafu, zpytela
Target Milestone: rc   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1460657 1816718 (view as bug list) Environment:
Last Closed: 2019-03-14 17:05:36 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On: 1460657    
Bug Blocks: 1653106, 1816718, 2160724    

Description Lukas Vrabec 2017-06-12 10:49:26 UTC 
Description of problem:
Due to different timelines of Gluster and RHEL product we have lot of Z-stream erratas in RHEL because of changes in Glusterd SELinux module which is shipped by selinux-policy in RHEL base. This is quite uncomfortable for both sides (selinux-team and gluster team). We have solution for this situation. Glusterd SELinux module can be shipped by Gluster team by own (sub)package. For more info please see: 

Shipping a custom SELinux policy together with product bring several benefits:

    Changes  in a policy can be modified immediately, so the product package  maintainer does not need to wait until the distribution SELinux policy  is updated.

    Policy changes in product SELinux policy can  be released together with changes in product package so SELinux policy  will be always synchronized with a product.

    Product  package can follow different timeline deadlines then SELinux policy  package, this can cause issues and customer can get new product package  version without necessary changes in SELinux policy and this can block  some functionality of a product.


Actual results:
Glusterd SELinux module is part of selinux-policy package in RHEL.

Expected results:
Glusterd SELinux module will be part of glusterd package.
Comment 6 Zdenek Pytela 2019-03-14 17:05:36 UTC 
This issue was not selected to be included in Red Hat Enterprise Linux 7.7 because it has been stalled for some time and the very next release will be in Maintenance Support 1 Phase, which means that qualified Critical and Important Security errata advisories (RHSAs) and Urgent Priority Bug Fix errata advisories (RHBAs) may be released as they become available.

We will now close this issue and continue the effort in Red Hat Enterprise Linux 8.
Comment 7 Red Hat Bugzilla 2023-09-18 00:12:30 UTC 
The needinfo request[s] on this closed bug have been removed as they have been unresolved for 120 days