Activity
From 09/01/2014 to 09/30/2014
09/30/2014
- 10:05 AM Bug #7388 (Closed): Policy module isn't reloaded when upgrading RPM
- 06:54 AM Revision 2f345dec: refs #7388 - make foreman-selinux-enable upgrade-safe
09/29/2014
- 01:20 PM Bug #7524: Adding libvirt compute resource ersults in error
- Would you mind sharing the denial you get after you executed the above command and set Enforcing again?
I doubt co... - 10:26 AM Bug #7524: Adding libvirt compute resource ersults in error
- Hey,
no this does not fix the issue ! Maybe the "user_home_dir_t" flag of the parent directory is missing ? - 11:02 AM Bug #7729 (Closed): Websockify not allowed to read certs
- Applied in changeset commit:01ba3e1e9d7b8fdd8d19514f616c04847f4f4d10.
- 04:53 AM Bug #7729 (Ready For Testing): Websockify not allowed to read certs
- 04:49 AM Bug #7729 (Closed): Websockify not allowed to read certs
- Katello uses certs in /etc/pki/katello for websockets, but access to these is denied by SELinux:
type=AVC msg=... - 10:24 AM Bug #7727 (Rejected): Ssh finish script does not work under Enforcing
- Ok it really looks like this is issue when connecting to console. Need to dig later on.
- 04:47 AM Bug #7727 (Rejected): Ssh finish script does not work under Enforcing
- As reported here:...
- 06:22 AM Bug #7719: Selinux prevents console from starting/connecting
- Lukas Zapletal wrote:
> Thanks, Andreas. Now, can you describe what actually does not work? The issue is named "Seli... - 06:11 AM Bug #7719: Selinux prevents console from starting/connecting
- Added foreman-debug-outfile.
- 05:11 AM Bug #7719: Selinux prevents console from starting/connecting
- Thanks, Andreas. Now, can you describe what actually does not work? The issue is named "Selinux prevents console from...
- 05:00 AM Bug #7719: Selinux prevents console from starting/connecting
- type=AVC msg=audit(1411981245.749:98): avc: denied { getattr } for pid=2169 comm="ruby" path="/usr/bin/ssh" dev=dm...
- 04:52 AM Bug #7719 (Ready For Testing): Selinux prevents console from starting/connecting
- 04:51 AM Bug #7719: Selinux prevents console from starting/connecting
- I created #7729 for the websockets Katello issue
- 04:45 AM Bug #7719: Selinux prevents console from starting/connecting
- Trusting the /etc/pki/katello/certs/katello-default-ca.crt in my browser (FF32.0.3/Windows 7) did not change the beha...
- 04:45 AM Bug #7719: Selinux prevents console from starting/connecting
- Andreas, can you paste us the denials when you run in Enforcing and the console does not work? The output above does ...
- 04:42 AM Bug #7719: Selinux prevents console from starting/connecting
- This looks really like issue for the ssh finish script, because websockify runs in its own domain.
I think we need... - 04:41 AM Bug #7719: Selinux prevents console from starting/connecting
- Have you trusted the Katello CA certificate in your browser? That should fix the encrypted web sockets.
If you're ... - 03:51 AM Bug #7719 (New): Selinux prevents console from starting/connecting
- 04:59 AM Revision 01ba3e1e: fixes #7729 - allow websockify to read certs
09/28/2014
- 02:30 PM Bug #7719: Selinux prevents console from starting/connecting
- I modified the /usr/share/doc/foreman-selinux-1.6.0/foreman.te and added the line in the pull at 283:
apache_searc...
09/27/2014
- 07:16 PM Bug #7719 (Ready For Testing): Selinux prevents console from starting/connecting
- 06:56 PM Bug #7719: Selinux prevents console from starting/connecting
- Is there any more in the audit log? That looks like passenger is using ssh there (maybe for a finish script?) I'm not...
- 08:11 AM Bug #7719 (Closed): Selinux prevents console from starting/connecting
- When setting selinux to enforcing, the console via websocket does not work any more.
Putting selinux into permissi...
09/26/2014
- 01:01 PM Bug #7346 (Closed): Foreman can't connect to OpenStack port 5000
- Applied in changeset commit:24a501be208460fdfd3bc59d47a4fd2b631df622.
- 12:50 PM Revision 24a501be: Fixes #7346 - Added OpenStack port 5000 via boolean
- 11:35 AM Bug #7388: Policy module isn't reloaded when upgrading RPM
- https://github.com/theforeman/foreman-packaging/pull/355
https://github.com/theforeman/foreman-selinux/pull/33 - 11:31 AM Bug #7388 (Ready For Testing): Policy module isn't reloaded when upgrading RPM
- 08:18 AM Bug #7388 (Assigned): Policy module isn't reloaded when upgrading RPM
- 08:20 AM Revision e86bf009: Refs #7178 - removed passenger_t execmem rule
- This reverts commit d867377e56451fc43030a30958499d34e6f4e485.
09/25/2014
- 12:06 PM Bug #7524: Adding libvirt compute resource ersults in error
- Hey,
can you confirm this fixes the issue:
chcon -R system_u:object_r:ssh_home_t:s0 /usr/share/foreman/.ssh
09/23/2014
- 08:54 AM Bug #7524 (New): Adding libvirt compute resource ersults in error
- 08:49 AM Bug #7524: Adding libvirt compute resource ersults in error
- I I found out that selinux is part of the issue. if i disable selinux with "setenforce 0" on he foreman server, it is...
09/18/2014
- 08:12 AM Bug #7524: Adding libvirt compute resource ersults in error
- hello,
here is the requested output of the path variable:
Foreman instance:
[root@cosdpl1 ~]# echo $PATH
/usr/l... - 07:56 AM Bug #7524: Adding libvirt compute resource ersults in error
- Right I see it.
Check $PATH? - 07:55 AM Bug #7524 (Need more information): Adding libvirt compute resource ersults in error
- Hello,
can you check if your Foreman instance has ssh client installed and Foreman user can execute it?
Also, t... - 07:27 AM Bug #7524: Adding libvirt compute resource ersults in error
- Operating systems used:
Foreman: RHEL 7
KVM Hypervisor: RHEL 7 - 07:24 AM Bug #7524 (Duplicate): Adding libvirt compute resource ersults in error
- Adding a new compute libvirt resource results in an error if testing the connection to the hypervisor:
Warning!
E...
09/09/2014
- 12:13 PM Bug #7388 (Closed): Policy module isn't reloaded when upgrading RPM
- The RPM postinstall scriptlet doesn't appear to reload the new module into the SELinux policy when the package is upg...
- 12:01 PM Bug #7198 (Closed): Socket read and write on RHEL7
- Applied in changeset commit:0a4d60fa15ba718948f2cb823c826617b69d25fa.
- 11:43 AM Revision 0a4d60fa: Fixes #7198 - allowed httpd_t to read/write to passenger socket
09/04/2014
Also available in: Atom