Bug 745639
Summary: | SELinux is preventing /usr/sbin/httpd from 'search' accesses on the directory cobbler. | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Robert Hancock <hancockrwd> |
Component: | cobbler | Assignee: | Scott J Henson <shenson> |
Status: | CLOSED NEXTRELEASE | QA Contact: | Fedora Extras Quality Assurance <extras-qa> |
Severity: | medium | Docs Contact: | |
Priority: | unspecified | ||
Version: | 15 | CC: | awood, brad, dgoodwin, dominick.grift, dwalsh, mgrepl, mike, shenson, vanmeeuwen+fedora |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i386 | ||
OS: | Linux | ||
Whiteboard: | setroubleshoot_trace_hash:74fd8a158c963fe984abe6d7642a36a90c370e24a9fd1ae1ee9bcbe3bb249c91 | ||
Fixed In Version: | Doc Type: | Bug Fix | |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2011-12-09 17:30:36 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Robert Hancock
2011-10-12 21:39:41 UTC
Adding the custom policy module to allow this works around the problem for me. Any idea why apache would be searching through the cobbler log directory? Was anything actually blocked? I do not know the particular part of code in cobbler that is calling for this search, but I do now that when it is blocked that the kickstart file is not able to be read and I cannot install RHEL. For me this showed up when trying to load the cobbler web UI. There was a Python error trace that came up which unfortunately I don't currently have. It seems like it was trying to either open or write cobbler.log. I guess we can assign this to cobbler for now, to see if they have any ideas. I have no problem adding the access, but it feels like this is a bug. This is fixed in cobbler 2.2 that is currently in updates-testing, but version 2.2 requires different policy changes. See bug 765916. |