Bug 436535 - denial when bugzilla uses remote ldap
Summary: denial when bugzilla uses remote ldap
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
(Show other bugs)
Version: 8
Hardware: All Linux
low
low
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-03-07 19:17 UTC by cje
Modified: 2008-11-17 22:03 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-11-17 22:03:16 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

Description cje 2008-03-07 19:17:49 UTC
Description of problem:
bugzilla can't connect to a remote LDAP server

te from audit2allow:

allow httpd_bugzilla_script_t ldap_port_t:tcp_socket name_connect;

:-)

Comment 1 Daniel Walsh 2008-03-10 13:55:12 UTC
Is this a common setup?  Why does bugzilla use ldap?

Comment 2 cje 2008-03-10 21:35:27 UTC
it's the only remote account management option available in bugzilla (i think).
 i imagine it's not in common use because it doesn't work well.

but the point is that it's certainly meant to be possible - it's not an add-on
feature or anything - it's right there in the .rpm package.

see section 3.1.11. "LDAP Authentication" on
http://www.bugzilla.org/docs/3.0/html/parameters.html


Comment 3 Daniel Walsh 2008-03-11 23:27:57 UTC
Ok, although from reading up on it, it seems pretty shaky.

Fixed in selinux-policy-3.0.8-93.fc8

Comment 4 cje 2008-03-11 23:58:06 UTC
thanks.  :-)

(i'm working on it - bug 437035 bug 436536)

Comment 5 Daniel Walsh 2008-11-17 22:03:16 UTC
Closing all bugs that have been in modified for over a month.  Please reopen if the bug is not actually fixed.


Note You need to log in before you can comment on or make changes to this bug.