1038770 – Additional SELinux settings to allow cobbler 2.4 to function

Bug 1038770 - Additional SELinux settings to allow cobbler 2.4 to function

Summary: Additional SELinux settings to allow cobbler 2.4 to function

Keywords:
Status:	CLOSED DUPLICATE of bug 816309
Alias:	None
Product:	Red Hat Enterprise Linux 6
Classification:	Red Hat
Component:	selinux-policy
Sub Component:
Version:	6.4
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	unspecified
Target Milestone:	rc
Target Release:	---
Assignee:	Lukas Vrabec
QA Contact:	Milos Malik
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2013-12-05 19:29 UTC by Jonathan Underwood
Modified:	2015-02-25 12:25 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2015-02-25 12:25:53 UTC
Target Upstream Version:

Attachments	(Terms of Use)
Audit messages without the custom module (5.63 KB, text/plain) 2013-12-05 19:29 UTC, Jonathan Underwood	no flags	Details
View All Add an attachment (proposed patch, testcase, etc.)

Description Jonathan Underwood 2013-12-05 19:29:30 UTC

Created attachment 833305 [details]
Audit messages without the custom module

Description of problem:
I needed to generate a custom module to successfully use cobbler on rhel 6.4 with SELinux in enforcing mode. The module is:


module cobbler_local 1.0;

require {
        type httpd_sys_content_t;
        type etc_t;
        type cobblerd_t;
        class lnk_file { read getattr };
        class file write;
        class dir read;
}

#============= cobblerd_t ==============
allow cobblerd_t etc_t:file write;
allow cobblerd_t httpd_sys_content_t:dir read;
allow cobblerd_t httpd_sys_content_t:lnk_file { read getattr };



Version-Release number of selected component (if applicable):
# rpm -qa | grep selinux
ipa-server-selinux-3.0.0-26.el6_4.4.x86_64
libselinux-python-2.0.94-5.3.el6_4.1.x86_64
libselinux-2.0.94-5.3.el6_4.1.x86_64
selinux-policy-targeted-3.7.19-195.el6_4.18.noarch
libselinux-ruby-2.0.94-5.3.el6_4.1.x86_64
libselinux-utils-2.0.94-5.3.el6_4.1.x86_64
selinux-policy-3.7.19-195.el6_4.18.noarch
pki-selinux-9.0.3-30.el6.noarch

# rpm -qa | grep cobbler
cobbler-2.4.0-1.el6.noarch


I'll attach the audit messages.

Comment 2 Miroslav Grepl 2015-02-25 12:25:53 UTC


*** This bug has been marked as a duplicate of bug 816309 ***

Note You need to log in before you can comment on or make changes to this bug.