Activity
From 08/12/2014 to 09/10/2014
09/09/2014
- 12:13 PM Bug #7388 (Closed): Policy module isn't reloaded when upgrading RPM
- The RPM postinstall scriptlet doesn't appear to reload the new module into the SELinux policy when the package is upg...
- 12:01 PM Bug #7198 (Closed): Socket read and write on RHEL7
- Applied in changeset commit:0a4d60fa15ba718948f2cb823c826617b69d25fa.
- 11:43 AM Revision 0a4d60fa: Fixes #7198 - allowed httpd_t to read/write to passenger socket
09/04/2014
- 03:22 AM Bug #7346 (Ready For Testing): Foreman can't connect to OpenStack port 5000
- 03:12 AM Bug #7346 (Closed): Foreman can't connect to OpenStack port 5000
- ...
08/27/2014
- 02:43 PM Tracker #7249: Policy with workarounds for Foreman w/ Katello
- Just for the record this one:...
- 11:07 AM Tracker #7249: Policy with workarounds for Foreman w/ Katello
- Leaked file descriptor of EPEL6 puppet:...
- 09:56 AM Bug #6316: Break up foreman, puppetmaster and passenger domains
- Removing the blocker Satellite 6.0.4 bugzilla from this refactoring effort. This will be done asynchronously since th...
08/26/2014
- 04:09 AM Feature #4464 (Ready For Testing): Implement SELinux policy for smart-proxy
- 03:45 AM Bug #7193 (Pending): Katello does not install due to qpidd policy bug
- 03:44 AM Bug #7250 (Duplicate): Remove sysvinit executable rule in Katello
08/25/2014
- 01:14 PM Tracker #7249: Policy with workarounds for Foreman w/ Katello
- This issue #7178
allow passenger_t self:process execmem;
has been merged upstream but I am going to revert ... - 12:28 PM Tracker #7249: Policy with workarounds for Foreman w/ Katello
- This rule is required for RHEL 7.0 (without SELinux upcoming errata):
auth_read_passwd(qpidd_t)
https://git... - 11:41 AM Tracker #7249: Policy with workarounds for Foreman w/ Katello
- This rule is needed for foreman-tasks (#7198):
allow passenger_t httpd_t:unix_stream_socket {read write};
... - 11:39 AM Tracker #7249 (Closed): Policy with workarounds for Foreman w/ Katello
- There are several workarounds that needs to be solved to get Foreman with Katello working on RHEL6 and RHEL7. I want ...
- 11:51 AM Bug #7250 (Duplicate): Remove sysvinit executable rule in Katello
- Since ping controller no longer execute @/etc/init.d/delayed-jobs@ the rule that allows this can be removed.
https...
08/21/2014
- 10:39 AM Bug #7198: Socket read and write on RHEL7
- Correcting the AVC:...
- 10:26 AM Bug #7198 (Ready For Testing): Socket read and write on RHEL7
- 09:38 AM Bug #7198 (Closed): Socket read and write on RHEL7
- ...
- 10:26 AM Bug #7193 (Ready For Testing): Katello does not install due to qpidd policy bug
- 06:16 AM Bug #7193 (Assigned): Katello does not install due to qpidd policy bug
- 06:10 AM Bug #7193 (Rejected): Katello does not install due to qpidd policy bug
- This is temporary workaround until https://bugzilla.redhat.com/show_bug.cgi?id=1130086 is resolved.
- 06:21 AM Bug #7178: Allow passenger_t to EXECMEM
- Investigating if daemons gem (used by foreman-tasks) does not cause that.
08/20/2014
- 05:01 PM Bug #7178 (Closed): Allow passenger_t to EXECMEM
- Applied in changeset commit:d867377e56451fc43030a30958499d34e6f4e485.
- 04:36 PM Bug #7178: Allow passenger_t to EXECMEM
- Scratch that for RHEL7, after investigation from this evening with Jason and Og, it turns out it is not passenger but...
- 11:17 AM Bug #7178 (Closed): Allow passenger_t to EXECMEM
- It was confirmed by our QA department that our application does work file in Enforcing.
- 04:47 PM Revision d5e80cf1: Merge pull request #28 from lzap/execmem-7178
- Fixes #7178 - allowed passenger_t to execmem
- 04:45 PM Revision d867377e: Fixes #7178 - allowed passenger_t to execmem
- Foreman-tasks wont start on RHEL7
08/15/2014
- 10:48 AM Feature #4464 (Assigned): Implement SELinux policy for smart-proxy
- 10:16 AM Feature #4464 (Ready For Testing): Implement SELinux policy for smart-proxy
08/12/2014
- 01:58 PM Bug #7034: Fix relabel script on RHEL7
- In that case add it to release notes. This is big! ;-)
- 11:01 AM Bug #7034 (Closed): Fix relabel script on RHEL7
- Applied in changeset commit:7b9410507203c9c5f58283bc39f5da8ee8a92608.
- 05:23 AM Bug #7034 (Ready For Testing): Fix relabel script on RHEL7
- https://github.com/theforeman/foreman-selinux/pull/26
- 04:34 AM Bug #7034 (Closed): Fix relabel script on RHEL7
- A downstream bug was reported with some denials which has been fixed already upstream, but it looks like /var/run/for...
- 11:01 AM Bug #7036 (Closed): Allow creation of log files for Foreman Rails app
- Applied in changeset commit:e842477295ed731377f3f43c5b8f84634b6f47a2.
- 05:23 AM Bug #7036 (Ready For Testing): Allow creation of log files for Foreman Rails app
- https://github.com/theforeman/foreman-selinux/pull/26
- 05:15 AM Bug #7036 (Closed): Allow creation of log files for Foreman Rails app
- It looks like our Rails app also creates new log files there. We only allow reads and writes....
- 11:01 AM Bug #6979 (Closed): Policy does not load on EL7 due to consoletype_exec_t dependency
- Applied in changeset commit:7a59c90304ef32a67457a8071bbda07d161b6236.
- 11:01 AM Bug #6014 (Closed): AVC denials from Puppet under Passenger on Foreman 1.6 on EL7
- Applied in changeset commit:7a59c90304ef32a67457a8071bbda07d161b6236.
- 11:01 AM Bug #6013 (Closed): AVC denials from Passenger on Foreman 1.6 on EL7
- Applied in changeset commit:7a59c90304ef32a67457a8071bbda07d161b6236.
- 10:11 AM Revision e8424772: Fixes #7036 - allow log files creation for Rails app
- 10:11 AM Revision 7b941050: Fixes #7034 - added RHEL7 support to relabel script
- 10:11 AM Revision 7a59c903: Fixes #6013, #6014, #6979 - changes for RHEL7
Also available in: Atom