Story #9007
closedStory #97: As a contributor, I rest easy knowing SELinux is Enforcing in the Pulp3 Vagrant environment
As a vagrant user, I get an error if SELinux failed
100%
Description
When pulp_installer runs as part of vagrant, (currently) we set SELinux to permissive. Errors are logged.
However, nothing happens if SELinux errors are present.
We should do something, like a failure error at the end (configurable whether this happens), and printing any SELinux errors due to Pulp.
Alternatively we could just make it enforcing and let pulp_installer failure on its actual tasks (and thus fail the provision), but that would be disruptive to users. However:
- We'd still want to print the SELinux errors anyway.
- Some SELinux errors will break the application at runtime, but not break the installer.
This would affect our vagrant (qemu) CI tests as well. Where FIPS is tested.
Updated by fao89 almost 3 years ago
- Status changed from NEW to ASSIGNED
- Assignee set to fao89
Updated by pulpbot almost 3 years ago
- Status changed from ASSIGNED to POST
Added by Fabricio Aguiar almost 3 years ago
Added by Fabricio Aguiar almost 3 years ago
Revision 19894269 | View on GitHub
Display SELinux errors
Updated by Anonymous almost 3 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset ansible-pulp|19894269dc01ed1d17c0e3b996d2dbeaf5d83e35.
Updated by pulpbot almost 3 years ago
- Status changed from MODIFIED to CLOSED - CURRENTRELEASE
Display SELinux errors
https://pulp.plan.io/issues/9007 closes #9007