Project

Profile

Help

Story #97

Updated by bmbouter almost 3 years ago

The checklist items should be done top to bottom.

To compile and install the Pulp SELinux with vagrant ansible you will need to:
* Install selinux-policy-devel rpm with ansible
* Make the policy similar to <code>make NAME=celery -f /usr/share/selinux/devel/Makefile DISTRO=fedora24</code> except with ansible
* Install the policy using ansible
* Have Run some restorecon statements using ansible call the restorecon script so that all the right restorecon calls occur. Stay DRY with these calls if possible.[0]
* If necessary, have the policy use "developer layout" .fc files to cause the .te compiled policies to be compatible with the layout used by Vagrant.
mimic these[0]

Use the <code>ps -awfuxZ | grep celery</code> to verify it is becoming the celery_t security label type. Similarly httpd should get an httpd security type. Then do some testing with Pulp and SELinux enabled.

[0]: https://github.com/pulp/pulp/blob/master/server/selinux/server/relabel.sh

Back