Actions
Story #9007
closed
Story #97: As a contributor, I rest easy knowing SELinux is Enforcing in the Pulp3 Vagrant environment
As a vagrant user, I get an error if SELinux failed
Start date:
Due date:
% Done:
100%
Estimated time:
Platform Release:
Groomed:
No
Sprint Candidate:
No
Tags:
CI/CD
Sprint:
Quarter:
Description
When pulp_installer runs as part of vagrant, (currently) we set SELinux to permissive. Errors are logged.
However, nothing happens if SELinux errors are present.
We should do something, like a failure error at the end (configurable whether this happens), and printing any SELinux errors due to Pulp.
Alternatively we could just make it enforcing and let pulp_installer failure on its actual tasks (and thus fail the provision), but that would be disruptive to users. However:
- We'd still want to print the SELinux errors anyway.
- Some SELinux errors will break the application at runtime, but not break the installer.
This would affect our vagrant (qemu) CI tests as well. Where FIPS is tested.
Updated by fao89 over 3 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to fao89
Updated by pulpbot over 3 years ago
- Status changed from ASSIGNED to POST
Added by Fabricio Aguiar over 3 years ago
Updated by Anonymous over 3 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset ansible-pulp|19894269dc01ed1d17c0e3b996d2dbeaf5d83e35.
Updated by pulpbot over 3 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Actions
.
Display SELinux errors
https://pulp.plan.io/issues/9007 closes #9007