Issue #7780
closed
SELinux denials on symlinking when galaxy-importer is run
Description
Per zpytela:
When the pulpcore resource worker runs galaxy-importer, tar is executed to extract files from the specified archive. Symbolic links can be present in the tarball, so the process needs the manage permissions.
(galaxy-importer is called by the plugin galaxy_ng.)
Already fixed in pulpcore-selinux, thank you zpytela! https://github.com/pulp/pulpcore-selinux/pull/31
This issue will be marked as fixed once pulp_installer includes the new pulpcore-selinux .
Updated by mdepaulo@redhat.com about 4 years ago
- Subject changed from SELinux errors on symlinking when galaxy-importer is run to SELinux denials on symlinking when galaxy-importer is run
Added by Mike DePaulo about 4 years ago
Added by Mike DePaulo about 4 years ago
Revision afeefdb3 | View on GitHub
Problem: SELinux denials on symlinking when galaxy-importer
is run (by galaxy_ng content plugin)
Solution: Update pulpcore-selinux to 1.2.3, which includes the fix.
fixes: #7780
Updated by pulpbot about 4 years ago
- Status changed from NEW to POST
Updated by Anonymous about 4 years ago
- Status changed from POST to MODIFIED
Applied in changeset ansible-pulp|afeefdb3269dee526d0420a6891485e36079a4e2.
Updated by dkliban@redhat.com almost 4 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
.
Problem: SELinux denials on symlinking when galaxy-importer
is run (by galaxy_ng content plugin)
Solution: Update pulpcore-selinux to 1.2.3, which includes the fix.
fixes: #7780