Bug 983686

Summary: httpd_execmem SELinux Boolean is not mentioned even thought it's required
Product: OpenShift Container Platform Reporter: Miciah Dashiel Butler Masters <mmasters>
Component: DocumentationAssignee: bmoss
Status: CLOSED CURRENTRELEASE QA Contact: ecs-bugs
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 1.2.0CC: adellape, baulakh, jokerman, lcarlon, libra-onpremise-devel, mmccomas
Target Milestone: ---Keywords: Documentation
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2013-08-07 23:39:22 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Miciah Dashiel Butler Masters 2013-07-11 17:48:26 UTC 
Description of problem:
The Deployment Guide doesn't mention the httpd_execmem SELinux Boolean, which must be set.


Version-Release number of selected component (if applicable):
Edition 1.2


How reproducible:
I read it three times, and it wasn't there any one of those three times.


Steps to Reproduce:

1. Load https://access.redhat.com/site/documentation/en-US/OpenShift_Enterprise/1/html-single/Deployment_Guide/index.html#sect-OpenShift_Enterprise-Deployment_Guide-Installing_and_Configuring_the_Broker_Application-Configuring_the_Standard_SELinux_Boolean_Variables

2. Read the setsebool command.

3. Read Table 5.2.


Actual results:
At step 2, the command does not enable the Boolean.  At step 3, the table has no description of the Boolean.

Expected results:
The setsebool command should include 'httpd_execmem=on' to enable the Boolean, and the Table should explain why the Boolean is required: "Allow httpd processes to write to and execute the same memory.  This capability is required by Passenger (used by both the broker and the console) and by The Ruby Racer/V8 (used by the console)."


Additional info:
None.
Comment 2 Alex Dellapenta 2013-08-01 22:02:15 UTC 
*** Bug 991223 has been marked as a duplicate of this bug. ***