Project

Profile

Help

Story #97

Updated by bmbouter over 2 years ago

The real deliverables are in the checklist, but here is some extra info on how checklist items should be done top to compile it. bottom.

To compile and install the Pulp SELinux with Ansible for Vagrant vagrant ansible you will need to:
* Install selinux-policy-devel rpm with ansible
* Compile Make the policy similar to <code>make NAME=celery -f /usr/share/selinux/devel/Makefile DISTRO=fedora24</code> except with ansible
* Install the policy using Ansible ansible
* Have ansible call the restorecon script or fixfiles (see checklist item) so that all the right restorecon calls occur. Stay DRY with these calls if possible.[0]
* If necessary, have the policy use "developer layout" .fc files to cause the .te compiled policies to be compatible with the layout used by Vagrant.

Use the <code>ps -awfuxZ | grep celery</code> to verify it is becoming the celery_t security label type. Similarly httpd should get an httpd security type. Then do some testing with Pulp and SELinux enabled.

[0]: https://github.com/pulp/pulp/blob/master/server/selinux/server/relabel.sh

Back