Bug 984748 - OpenShift Hosted SELinux policy allows jboss websocket port
OpenShift Hosted SELinux policy allows jboss websocket port
Status: CLOSED CURRENTRELEASE
Product: OpenShift Online
Classification: Red Hat
Component: Containers (Show other bugs)
2.x
Unspecified Unspecified
medium Severity medium
: ---
: ---
Assigned To: Rob Millner
libra bugs
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-07-15 17:13 EDT by Rob Millner
Modified: 2015-05-14 19:23 EDT (History)
5 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-07-22 11:24:39 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Rob Millner 2013-07-15 17:13:41 EDT
Description of problem:
The websocket port that jboss is using (8676) cannot be used due to lack of an SELinux policy.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Create a JbossAS7 app
2. Stop the app
3. Install nc on the node (yum -y install nc)
4. Log into the gear
5. echo $OPENSHIFT_JBOSSAS_IP $OPENSHIFT_JBOSSAS_WEBSOCKET_PORT
6. nc -l [values from step 5]
    ex: nc -l 127.0.250.129 8676
7. Open another window and log in as root to the devenv
8. nc [ values from step 5]
    ex: nc 127.0.250.129 8676
9. Type something in the window with step 8 and hit enter.

Actual results:
permission denied

Expected results:
nc should bind in step 6.  The text typed in step 9 should show up in the window for step 6.

Additional info:
Comment 1 Rob Millner 2013-07-15 22:13:25 EDT
Pull request submitted and release ticket updated.

https://github.com/openshift/li/pull/1736
Comment 2 openshift-github-bot 2013-07-15 23:17:43 EDT
Commit pushed to master at https://github.com/openshift/li

https://github.com/openshift/li/commit/9c551488b9326dac7a9816bd767559004a2e9354
Bug 984748 - Add jboss websocket port to allowed list of ports.

Note You need to log in before you can comment on or make changes to this bug.