First Last Prev Next    This bug is not in your last search results.
Bug 805127 - CFSE installation is missing Candlepin SELinux policy
CFSE installation is missing Candlepin SELinux policy
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 6
Classification: Red Hat
Component: Subscription Management (Show other bugs)
6.0.0
Unspecified Unspecified
unspecified Severity low (vote)
: Unspecified
: --
Assigned To: Miroslav Suchý
Og Maciel
: Triaged
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-03-20 11:17 EDT by Lukas Zapletal
Modified: 2014-09-18 11:32 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2014-07-02 10:08:43 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Lukas Zapletal 2012-03-20 11:17:45 EDT 
Description of problem:

After I installed CFSE BETA5, I dont see any selinux candlepin package and there is no selinux module. Tomcat (Candlepin) is running in unconfined mode:

unconfined_u:system_r:unconfined_java_t:s0 tomcat 4238 1.3 18.7 2716184 262644 ? Sl 15:50   0:20 /usr/lib/jvm/jre/bin/java

# rpm -qa | grep selinux
selinux-policy-3.7.19-126.el6.noarch
pulp-selinux-server-1.0.0-4.el6.noarch
libselinux-python-2.0.94-5.2.el6.x86_64
libselinux-utils-2.0.94-5.2.el6.x86_64
selinux-policy-targeted-3.7.19-126.el6.noarch
libselinux-ruby-2.0.94-5.2.el6.x86_64
katello-selinux-0.1.8-1.el6.noarch
libselinux-2.0.94-5.2.el6.x86_64

# semodule -l | grep candlepin
(nothing)

Expected results:

candlepin-selinux package installed and selinux module enabled
Comment 1 Lukas Zapletal 2012-03-20 11:23:56 EDT 
Workaround:

yum -y install candlepin-selinux

Part of this bug/task:

- make sure katello-all installs this package
- do some testing of katello and candlepin running in confined mode
- no denails should be there prior commiting the change
Comment 6 Lukas Zapletal 2012-05-21 10:52:06 EDT 
Ok setting low prio, Candlepin is a java app, runs unconfined.
Comment 7 Lukas Zapletal 2012-08-22 03:45:33 EDT 
https://github.com/Katello/katello/pull/498
Comment 8 Miroslav Suchý 2012-08-22 04:02:51 EDT 
Fixed in commit 7ac95d4.
Comment 9 Og Maciel 2013-02-01 15:33:57 EST 
* CFSE 1.1.1 ships candlepin-selinux-0.7.8.1-1.el6cf.noarch
* CFSE 1.1.2 will ship candlepin-selinux-0.7.19-3.el6cf.noarch
* SAM does not seem to ship it. Will file a BZ.
Comment 10 Bryan Kearney 2014-07-02 10:08:43 EDT 
This was delivered with 6.0.3, which is the Satellite 6 Beta.
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.