Bug 375651 - policy break bugzilla (3.0.2-0.fc8)
policy break bugzilla (3.0.2-0.fc8)
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted (Show other bugs)
8
i386 Linux
low Severity low
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
: Reopened
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2007-11-11 05:00 EST by Féliciano Matias
Modified: 2007-11-30 17:12 EST (History)
0 users

See Also:
Fixed In Version: 3.0.8-54.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2007-11-17 14:57:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
avc errors (uniq) (5.85 KB, text/plain)
2007-11-11 05:00 EST, Féliciano Matias
no flags Details
Rules created by autid2allow (1.55 KB, text/plain)
2007-11-11 05:03 EST, Féliciano Matias
no flags Details
avc error (uniq) (6.47 KB, text/plain)
2007-11-11 11:11 EST, Féliciano Matias
no flags Details
Rules created by autid2allow (1.99 KB, text/plain)
2007-11-11 11:12 EST, Féliciano Matias
no flags Details
dump of getsebool -a (3.12 KB, text/plain)
2007-11-11 11:14 EST, Féliciano Matias
no flags Details
bugzilla configuration (4.22 KB, text/plain)
2007-11-11 11:15 EST, Féliciano Matias
no flags Details

  None (edit)
Description Féliciano Matias 2007-11-11 05:00:23 EST
Description of problem:

In selinux enforcement mode, bugzilla can not work.


Version-Release number of selected component (if applicable):

selinux-policy-targeted-3.0.8-47.fc8
bugzilla-3.0.2-0.fc8


How reproducible:

always.


Steps to Reproduce:
1.Installe bugzilla.
2.Use it.
  

Actual results:

Does not work.


Expected results:

Should work.


Additional info:
Bugzilla configured to use PostgreSQL.
Comment 1 Féliciano Matias 2007-11-11 05:00:23 EST
Created attachment 254331 [details]
avc errors (uniq)
Comment 2 Féliciano Matias 2007-11-11 05:03:56 EST
Created attachment 254341 [details]
Rules created by autid2allow

A work around.
Comment 3 Féliciano Matias 2007-11-11 05:11:59 EST
Comment of https://bugzilla.redhat.com/show_bug.cgi?id=375651#c1 is :
avc errors (uniq)
Comment 4 Féliciano Matias 2007-11-11 06:43:13 EST
Unconfirmed bug.
Sorry but I begin with Selinux.
I would play with system-config-selinux or setsebool before confirming this bug.
Status change to close/INSUFFICIENT_DATA.
Comment 5 Féliciano Matias 2007-11-11 11:09:31 EST
I adjusted some selinux booleans. But it's not enought.
Comment 6 Féliciano Matias 2007-11-11 11:11:28 EST
Created attachment 254691 [details]
avc error (uniq)
Comment 7 Féliciano Matias 2007-11-11 11:12:50 EST
Created attachment 254701 [details]
Rules created by autid2allow

A work around.
Comment 8 Féliciano Matias 2007-11-11 11:14:02 EST
Created attachment 254711 [details]
dump of getsebool -a
Comment 9 Féliciano Matias 2007-11-11 11:15:42 EST
Created attachment 254721 [details]
bugzilla configuration 

/etc/bugzilla/localconfig
Comment 10 Daniel Walsh 2007-11-12 15:14:42 EST
Fixed in selinux-policy-3.0.8-53.fc8
Comment 11 Daniel Walsh 2007-11-12 15:34:16 EST
The current policy assumes that you will be using named pipes to communicate
with a local mysql or postgres database.
Comment 12 Féliciano Matias 2007-11-14 20:39:26 EST
This seems to work but I should do more test (I don't have enough time right
now). I'll close the bug a little later after more test. Tested with
selinux-policy-3.0.8-54.fc8

> The current policy assumes that you will be using named pipes to communicate
with a local mysql or postgres database.

If I remember correctly, the default configuration for
allow_user_postgresql_connect is off. That's why I have connected to PostgreSQL
thru 127.0.0.1.
Comment 13 Féliciano Matias 2007-11-17 14:57:20 EST
Tested with selinux-policy-3.0.8-54.fc8, things seems to work well.
Bug closed.

Note You need to log in before you can comment on or make changes to this bug.