Story #7043
Updated by bmbouter over 4 years ago
On Red Hat systems, Pulp installer needs to clone pulpcore-selinux repository[0], compile the policy inside of it, and install the policy, label all the ports used by pulp services[1].
[0] https://github.com/pulp/pulpcore-selinux
[1] https://github.com/pulp/pulpcore-selinux#labeling-pulpcore_port
## File Path Requirements/Details
The SELinux policy is built assuming default file paths. For example things like /var/lib/pulp, etc. Those defaults are in the policy's ".fc" file [here](https://github.com/pulp/pulpcore-selinux/blob/master/pulpcore.fc).
On producton systems when these paths are changed the compiled policy will need to generate a correct .fc file to use when compiling the policy.
On dev systems, a new .fc file will need to be generated as well for the dev environment.