Project

General

Profile

Actions
Copy link

Bug #3080

closed

Installing puppetmaster with passenger without foreman causes AVC denials

Added by Ivan Necas over 10 years ago. Updated almost 5 years ago.

Status:
Closed
Priority:
Normal
Assignee:
-
Category:
Foreman modules
Target version:
-
Difficulty:
Triaged:
No
Bugzilla link:
Pull request:
Fixed in Releases:
Found in Releases:
Red Hat JIRA:

Description

The problem is the policy for passenger to work is included in foreman-selinux,
that doesn't get installed when installing puppetmaster.

Ideally, there would be separate policy for both foreman and puppet.

Related issues 2 (0 open2 closed)

Related to SELinux - Feature #2820: Improve SELinux policy for puppetResolvedLukas ZapletalActions
Related to SELinux - Bug #6316: Break up foreman, puppetmaster and passenger domainsResolvedActions
Actions
Copy link
 #1

Updated by Ivan Necas over 10 years ago

Partially fixed in https://github.com/theforeman/puppet-passenger/pull/16, installing foreman-selinux when configuring passenger

Actions
Copy link
 #2

Updated by Lukas Zapletal over 10 years ago

  • Related to Feature #2820: Improve SELinux policy for puppet added
Actions
Copy link
 #3

Updated by Lukas Zapletal almost 10 years ago

  • Related to Bug #6316: Break up foreman, puppetmaster and passenger domains added
Actions
Copy link
 #4

Updated by Lukas Zapletal almost 10 years ago

We need to workaround this, full solution needs more time: http://projects.theforeman.org/issues/6316

Actions
Copy link
 #5

Updated by Ewoud Kohl van Wijngaarden almost 5 years ago

  • Status changed from New to Closed

Puppet no longer runs under passenger so I'm going to close this.

Actions
Copy link

Also available in: Atom PDF