Description of problem: When I create create a new volume and attempt to start it I see some SELinux errors that say glusterd is blocking access to mnt-samba-<my volume>.log. Version-Release number of selected component (if applicable): glusterfs-3.3.0rhs-26.el6rhs.x86_64 How reproducible: Every time I create a distributed volume. I haven't tested with other volume types yet. Steps to Reproduce: 1. Create new volume 2. Start new volume 3. Run sealert to see error. Actual results: [root@rusty ~]# gluster volume create distributed-volume2 `hostname`:/brick1 guido.lab.eng.blr.redhat.com:/brick1 Creation of volume distributed-volume2 has been successful. Please start the volume to access data. [root@rusty ~]# gluster volume start distributed-volume2 Starting volume distributed-volume2 has been successful [root@rusty ~]# sealert -a /var/log/audit/audit.log 100% donefound 1 alerts in /var/log/audit/audit.log -------------------------------------------------------------------------------- SELinux is preventing /usr/sbin/glusterfsd from add_name access on the directory mnt-samba-distributed-volume2.log. ***** Plugin catchall (100. confidence) suggests *************************** If you believe that glusterfsd should be allowed add_name access on the mnt-samba-distributed-volume2.log directory by default. Then you should report this as a bug. You can generate a local policy module to allow this access. Do allow this access for now by executing: # grep glusterfs /var/log/audit/audit.log | audit2allow -M mypol # semodule -i mypol.pp Expected results: No SELinux errors. Additional info:
will this fall under a feature request to enable SELinux on RHS? as of now, any bug open regarding SELinux would root cause to not having SELinux
Ahh, I understand what is going on. When I do installs in beaker it runs everything with SELinux enabled. I didn't realize that SELinux wasn't supported on the Red Hat Storage Appliance.
will treat it as FutureFeature, and not as a bug...
As its a FutureFeature, marking the priority as medium.
Ben I will be closing it as a dup of 852266. As its a umbrella bug for getting SELinux support in RHS. *** This bug has been marked as a duplicate of bug 852266 ***