Task #7574
closed
Story #7043: As a user, I have pulp_installer compile and install the pulpcore-selinux policy
pulp_installer should compile & install the pulpcore-selinux policy when no paths are changed
100%
Description
This task is to implement the majority of the logic for compiling & installing the pulpcore-selinux policy.
It will assume that path variables will not be changed. (Address in another change)
It will install the policies regardless of what set of plugins are installed. (This design is TBD.)
It will not cover any weird corner cases either.
Added by Mike DePaulo about 4 years ago
Added by Mike DePaulo about 4 years ago
Revision d66908e7 | View on GitHub
As a user, I have pulp_installer compile and install the pulpcore-selinux policy
Applies to RedHat only.
Does not support for users overrding the folderpaths yet.
Implementation includes:
- Use make with the Makefile from the repo.2
- __pulp_selinux_policy_pkgs tracks the 3 policy package names from pulpcore-selinux.
- Install the compiled policy packages to /usr/local/share/selinux/ .
- Apply the SELinux type to the ports, read from pulp_api_bind and pulp_content_bind .
- Clone from github pulp org via https. Currently master branch. This can be overriden via __pulp_selinux_repo & +__pulp_selinux_version.
- Thorough handler logic on when to relabel the files on disk.
fixes: #7574
Updated by Anonymous about 4 years ago
- Status changed from NEW to MODIFIED
- % Done changed from 0 to 100
Applied in changeset ansible-pulp|d66908e73d6a03c3bc74a04e29f6886244da07d5.
Updated by ttereshc about 4 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
.
As a user, I have pulp_installer compile and install the pulpcore-selinux policy
Applies to RedHat only.
Does not support for users overrding the folderpaths yet.
Implementation includes:
fixes: #7574