Project

Profile

Help

Issue #7780

closed

SELinux denials on symlinking when galaxy-importer is run

Added by mdepaulo@redhat.com about 4 years ago. Updated about 4 years ago.

Status:
CLOSED - CURRENTRELEASE
Priority:
Normal
Category:
Installer - Moved to GitHub issues
Sprint/Milestone:
-
Start date:
Due date:
Estimated time:
Severity:
2. Medium
Version:
Platform Release:
OS:
Triaged:
No
Groomed:
No
Sprint Candidate:
No
Tags:
SELinux
Sprint:
Sprint 85
Quarter:

Description

Per zpytela:

When the pulpcore resource worker runs galaxy-importer, tar is executed to extract files from the specified archive. Symbolic links can be present in the tarball, so the process needs the manage permissions.

(galaxy-importer is called by the plugin galaxy_ng.)

Already fixed in pulpcore-selinux, thank you zpytela! https://github.com/pulp/pulpcore-selinux/pull/31

This issue will be marked as fixed once pulp_installer includes the new pulpcore-selinux .

Also available in: Atom PDF