Bug 1290117 - Guest instance should work with SELinux in enforcing mode
Guest instance should work with SELinux in enforcing mode
Status: CLOSED WONTFIX
Product: Red Hat OpenStack
Classification: Red Hat
Component: openstack-trove (Show other bugs)
8.0 (Liberty)
Unspecified Unspecified
unspecified Severity unspecified
: ---
: 9.0 (Mitaka)
Assigned To: Victoria Martinez de la Cruz
Luigi Toscano
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2015-12-09 11:53 EST by Luigi Toscano
Modified: 2016-06-29 14:30 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2016-06-29 14:30:07 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Luigi Toscano 2015-12-09 11:53:00 EST
Description of problem:
Currently, SELinux is set to permissive in guest instances. It should be possible to set it to Enforcing (with some rules).
Comment 1 Luigi Toscano 2015-12-10 06:59:17 EST
Context: api-config.ini is used for the first time in Sahara post-Liberty, see
https://review.openstack.org/#/c/231989/
https://bugs.launchpad.net/sahara/+bug/1503983
Comment 2 Ryan Hallisey 2016-06-29 14:27:56 EDT
Can you report any AVCs you get from running in permissive mode? We can see about those landing in openstack-selinux.

Note You need to log in before you can comment on or make changes to this bug.