Project

Profile

Help

Story #1166

closed

As a user, I can install a crane-selinux rpm

Added by cduryee over 8 years ago. Updated about 5 years ago.

Status:
CLOSED - WONTFIX
Priority:
Normal
Assignee:
-
Start date:
Due date:
% Done:

100%

Estimated time:
(Total: 0:00 h)
Platform Release:
Target Release - Crane:
Groomed:
No
Sprint Candidate:
No
Tags:
Pulp 2, SELinux
Sprint:
Quarter:

Description

python-crane has semanage statements in %post. These should be moved to a simple policy. The python-crane spec contains the following:


%post
semanage fcontext -a -t httpd_sys_content_t '%{_var}/lib/crane(/.*)?'
restorecon -R -v %{_var}/lib/crane

%postun
if [ $1 -eq 0 ] ; then  # final removal
semanage fcontext -d -t httpd_sys_content_t '%{_var}/lib/crane(/.*)?'
restorecon -R -v %{_var}/lib/crane
fi

I do not think semanage is appropriate in the %post and %postun since it can cause confusion when some selinux-related items work but not others. IMO the statements should be removed in favor of either selinux setup documentation, or a policy file.

QE note: this bug is for a refactor and likely will not have anything to validate aside from regression testing.


Sub-issues 1 (0 open1 closed)

Issue #2719: Need to choose a port, and ship SELinux policy for network connectionsCLOSED - WONTFIXActions

Related issues

Related to Crane - Issue #1572: Yum install python crane raising SE Linux errorsCLOSED - CURRENTRELEASEpcreechActions

Also available in: Atom PDF