Issue #9211: Vagrant devel installs have SELinux errors - Pulp

Actions

Send by e-mail Copy link

Issue #9211

open

Story #97: As a contributor, I rest easy knowing SELinux is Enforcing in the Pulp3 Vagrant environment

Vagrant devel installs have SELinux errors

Added by mdepaulo@redhat.com over 3 years ago. Updated about 3 years ago.

Status:

NEW

Priority:

Normal

Assignee:

Category:

Installer - Moved to GitHub issues

Sprint/Milestone:

Start date:

Due date:

Estimated time:

Severity:

2. Medium

Version:

Platform Release:

OS:

Triaged:

Yes

Groomed:

Sprint Candidate:

Tags:

Dev Environment, SELinux

Sprint:

Quarter:

Description

Because SELinux installs are in editable mode, the .pyc files produce SELinux errors.

Other SELinux errors may exist too due to the devel installs.

TASK [pulp_devel : SELinux status] *********************************************
ok: [pulp3-source-fedora34] => {
    "selinux_analyze.stdout_lines": [
        "SELinux is preventing gunicorn from search access on the directory vagrant.",
        "SELinux is preventing gunicorn from search access on the directory /.",
        "SELinux is preventing gunicorn from getattr access on the directory /home/vagrant/devel/pulpcore.",
        "SELinux is preventing gunicorn from read access on the directory models.",
        "SELinux is preventing gunicorn from open access on the directory /home/vagrant/devel/pulpcore/pulpcore/app/models.",
        "SELinux is preventing gunicorn from getattr access on the directory /home/vagrant.",
        "SELinux is preventing gunicorn from getattr access on the file /home/vagrant/devel/pulp_ansible/pulp_ansible/app/settings.py.",
        "SELinux is preventing gunicorn from read access on the file settings.py.",
        "SELinux is preventing gunicorn from open access on the file /home/vagrant/devel/pulpcore/pulpcore/app/settings.py.",
        "SELinux is preventing gunicorn from ioctl access on the file /home/vagrant/devel/pulp_ansible/pulp_ansible/app/settings.py.",
        "SELinux is preventing pulpcore-worker from read access on the file __init__.cpython-39.pyc.",
        "SELinux is preventing pulpcore-worker from open access on the file /home/vagrant/devel/pulp_ansible/pulp_ansible/__pycache__/__init__.cpython-39.pyc.",
        "SELinux is preventing pulpcore-worker from ioctl access on the file /home/vagrant/devel/pulp_ansible/pulp_ansible/__pycache__/__init__.cpython-39.pyc.",
        "SELinux is preventing pulpcore-worker from name_connect access on the tcp_socket port 5432.",
        "SELinux is preventing pulpcore-worker from add_name access on the directory 21847@pulp3-source-fedora34.localhost.example.com.",
        "SELinux is preventing pulpcore-worker from remove_name access on the directory 21235@pulp3-source-fedora34.localhost.example.com.",
        "SELinux is preventing pulpcore-worker from rmdir access on the directory 21235@pulp3-source-fedora34.localhost.example.com.",
        "SELinux is preventing nginx from read access on the file nginx.conf.",
        "SELinux is preventing nginx from open access on the file /home/vagrant/devel/pulp_ansible/pulp_ansible/app/webserver_snippets/nginx.conf.",
        "SELinux is preventing nginx from getattr access on the file /home/vagrant/devel/pulp_ansible/pulp_ansible/app/webserver_snippets/nginx.conf."
    ]
}