Issue #7780
SELinux denials on symlinking when galaxy-importer is run
Description
Per zpytela:
When the pulpcore resource worker runs galaxy-importer, tar is executed to extract files from the specified archive. Symbolic links can be present in the tarball, so the process needs the manage permissions.
(galaxy-importer is called by the plugin galaxy_ng.)
Already fixed in pulpcore-selinux, thank you zpytela! https://github.com/pulp/pulpcore-selinux/pull/31
This issue will be marked as fixed once pulp_installer includes the new pulpcore-selinux .
Associated revisions
Revision afeefdb3
View on GitHub
Problem: SELinux denials on symlinking when galaxy-importer
is run (by galaxy_ng content plugin)
Solution: Update pulpcore-selinux to 1.2.3, which includes the fix.
fixes: #7780
History
#1
Updated by mdepaulo@redhat.com 3 months ago
- Subject changed from SELinux errors on symlinking when galaxy-importer is run to SELinux denials on symlinking when galaxy-importer is run
#2
Updated by mdepaulo@redhat.com 3 months ago
- Description updated (diff)
#4
Updated by Anonymous 3 months ago
- Status changed from POST to MODIFIED
Applied in changeset ansible-pulp|afeefdb3269dee526d0420a6891485e36079a4e2.
#5
Updated by dkliban@redhat.com about 2 months ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Please register to edit this issue
.
Problem: SELinux denials on symlinking when galaxy-importer
is run (by galaxy_ng content plugin)
Solution: Update pulpcore-selinux to 1.2.3, which includes the fix.
fixes: #7780