Project

Profile

Help

Story #97 ยป Issue #146 - 2015-01-08T18_34_24Z.eml

rbarlow, 01/08/2015 07:34 PM

 
Date: Thu, 08 Jan 2015 19:34:24 +0100
From: rbarlow@redhat.com
To: dropbox+pulp+c71e@plan.io
Message-ID: <54aecdb0213a5_76d53ff1c9501ea090292@apollo.mail>
in-reply-to: redmine.issue-97.20150108155012@plan.io
Subject: Re: [Pulp - Issue #97] (NEW) allow pulp dev setup to work with
selinux enabled
Mime-Version: 1.0
Content-Type: multipart/mixed;
boundary=cq7LG5xjiudeNco8v0oii67ntiPkTmCTt;
charset=UTF-8
Content-Transfer-Encoding: 7bit
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.27
X-HE-Spam-Level: -----
X-HE-Spam-Score: -5.0
X-HE-Spam-Report: Content analysis details: (-5.0 points) pts rule name
description ---- ----------------------
-------------------------------------------------- -5.0 RCVD_IN_DNSWL_HI RBL:
Sender listed at http://www.dnswl.org/, high trust [209.132.183.28 listed in
list.dnswl.org]
X-HE-SPF: PASSED


--cq7LG5xjiudeNco8v0oii67ntiPkTmCTt
Content-Type: text/plain;
charset=utf-8
Content-Transfer-Encoding: quoted-printable

+1
> --- Please write your response above this line ---
> =

> Issue #97 has been reported by Chris Duryee.
> -----------------------------------------------------------------------=
-
> =

> =

> Issue #97: allow pulp dev setup to work with selinux enabled
> <https://pulp.plan.io/issues/97>
> =

> * Author: Chris Duryee
> * Status: NEW
> * Priority: Normal
> * Assignee:
> * Category:
> * Sprint/Milestone: =

> =

> I asked a python developer on another project to try out a pulp dev
> install so we could get feedback.
> =

> 1. Dev script does not allow for SELinux? That's going to be a no-go f=
or people. Would it be possible just to poke a few holes in the policy j=
ust for pulp using semanage permissive? E.g.
> =

> Change apache to a permissive domain
> # semanage permissive -a pulp_t
> =

> Alternatively, maybe you could provide a dev policy module built with a=
udit2allow?
> =

> I don't know what the pulp policy looks like or what problems it hits o=
r whatever, but just disabling SELinux wholesale is not a great solution.=

> =

> There were some other issues as well but this was number one. The pulp
> dev setup should be runnable without disabling selinux on the system.
> =

> -----------------------------------------------------------------------=
-
> =

> You have received this notification because you have either subscribed
> to or are involved in a project on pulp Planio.
> To change your notification preferences, please click here:
> https://pulp.plan.io/my/account
> =

> =

> =

> This notification was cheerfully delivered by <https://plan.io/>
> =

> Planio <https://plan.io/>
> =



--cq7LG5xjiudeNco8v0oii67ntiPkTmCTt--
    (1-1/1)