Story #7043
Updated by mdepaulo@redhat.com about 4 years ago
## Overview On Red Hat systems, Pulp installer needs to clone pulpcore-selinux repository[0], compile the policy inside of it, and install the policy, label all the ports used by pulp services[1]. [0] https://github.com/pulp/pulpcore-selinux [1] https://github.com/pulp/pulpcore-selinux#labeling-pulpcore_port ## File Path Requirements/Details The SELinux policy is built assuming default file paths. For example things like /var/lib/pulp, etc. Those defaults are in the policy's ".fc" file [here](https://github.com/pulp/pulpcore-selinux/blob/master/pulpcore.fc). On producton systems when these paths are changed the compiled policy will need to generate a correct .fc file to use when compiling the policy. On dev systems, a new .fc file will need to be generated as well for the dev environment. ## install-from-RPM mode requirements Because /usr/bin/rq and /usr/bin/gunicorn are generic, this mode will require wrapper scripts like Katello creates.
.