Story #97: As a contributor, I rest easy knowing SELinux is Enforcing in the Pulp3 Vagrant environment

Story #97

The checklist items should be done top to bottom. 

 To compile and install the Pulp SELinux with vagrant ansible you will need to: 
 * Install selinux-policy-devel rpm with ansible 
 * Make the policy similar to <code>make NAME=celery -f /usr/share/selinux/devel/Makefile DISTRO=fedora24</code> except with ansible 
 * Install the policy using ansible 
 * Have Run some restorecon statements using ansible call the restorecon script so that all the right restorecon calls occur. Stay DRY with these calls if possible.[0] 
 * If necessary, have the policy use "developer layout" .fc files to cause the .te compiled policies to be compatible with the layout used by Vagrant. mimic these[0] 

 Use the <code>ps -awfuxZ | grep celery</code> to verify it is becoming the celery_t security label type. Similarly httpd should get an httpd security type. Then do some testing with Pulp and SELinux enabled. 

 [0]: https://github.com/pulp/pulp/blob/master/server/selinux/server/relabel.sh

Back

Project

Profile

Help

Pulp

Story #97