Activity

From 09/29/2014 to 10/28/2014

10/28/2014

05:36 AM Revision 10de1c58: Bump version to 1.8-develop: Dominic Cleal

10/22/2014

10:52 AM Bug #8030 (Closed): Permission denied - bind(2) on DNS lookup when creating a host: I stood up an instance of Foreman on a centOS7 machine following the instructions at: http://www.theforeman.org/manua... Dwight Beaver

10/21/2014

05:01 AM Bug #7932 (Closed): LDAP does not work: Applied in changeset commit:aab37c64a87a4b4e332511a050329c9e28be833e. Anonymous
05:01 AM Bug #7719 (Closed): Selinux prevents console from starting/connecting: Applied in changeset commit:b696bcf7fe8041d0ad950d41be0a65bd4f186e75. Anonymous
03:52 AM Revision aab37c64: Fixes #7932 - added LDAP support for passenger: Lukas Zapletal
03:51 AM Revision 9fb84170: Refs #7719 - added websockify rules for VNC console: Lukas Zapletal
03:51 AM Revision b696bcf7: Fixes #7719 - added ssh rules for libvirt CR: Lukas Zapletal

10/14/2014

03:01 AM Bug #7932 (Ready For Testing): LDAP does not work: The Foreman Bot
02:51 AM Bug #7932 (Closed): LDAP does not work: Not able to authenticate using AD or LDAP authentication source on Satellite when installed on RHEL 7
Version-Rele... Lukas Zapletal

10/13/2014

05:16 AM Bug #7719: Selinux prevents console from starting/connecting: I saw the exact denials on my host. I've added these to the patch, thanks. Lukas Zapletal
03:30 AM Bug #7719: Selinux prevents console from starting/connecting: Adding above rules to the git df4d9d88afb6edc74c37072b3a15cb517eaa3547 makes my console work! :) Andreas Pfaffeneder
02:57 AM Bug #7719: Selinux prevents console from starting/connecting: semodule -DB, try to access console:
/var/log/audit/audit.log
type=AVC msg=audit(1413182319.822:4621): avc: deni... Andreas Pfaffeneder

10/10/2014

09:59 AM Bug #7719: Selinux prevents console from starting/connecting: Andreas,
I get the very same error: WebSock error: [object Event].
But when I try to set Permissive, I still ha... Lukas Zapletal
04:13 AM Bug #7719: Selinux prevents console from starting/connecting: Tried with the latest foreman-selinux-branch (libvirt-ssh-7719):
[root@katello2 ~]# #git clone https://github.com/... Andreas Pfaffeneder

10/09/2014

10:14 AM Bug #7719 (Ready For Testing): Selinux prevents console from starting/connecting: The Foreman Bot
09:36 AM Bug #7719 (Assigned): Selinux prevents console from starting/connecting: Lukas Zapletal
09:28 AM Bug #7719: Selinux prevents console from starting/connecting: Ok problem solved I think, it was during restart because I had my noVNC console opened. It's the libvirt who is spawn... Lukas Zapletal
09:02 AM Bug #7719: Selinux prevents console from starting/connecting: Ok finally, thank to Jason Montleon, we managed to reproduce. Those are thrown when passenger is being restarted, not... Lukas Zapletal
07:42 AM Bug #7719: Selinux prevents console from starting/connecting: Unfortunately, I have NO idea why this runs ssh binary. From what I've seen the ruby ssh client library is pure ruby.... Lukas Zapletal
09:26 AM Bug #7524 (Duplicate): Adding libvirt compute resource ersults in error: Ok this is dupe: http://projects.theforeman.org/issues/7719
I will have the patch this week. Thanks for the report! Lukas Zapletal

10/02/2014

02:15 AM Bug #7524: Adding libvirt compute resource ersults in error: Hello,
I did some testing and I became aware of the following fact:
Changing the permission with "chcon -R system... Dirk Mayer

09/30/2014

10:05 AM Bug #7388 (Closed): Policy module isn't reloaded when upgrading RPM: Dominic Cleal
06:54 AM Revision 2f345dec: refs #7388 - make foreman-selinux-enable upgrade-safe: Dominic Cleal

09/29/2014

01:20 PM Bug #7524: Adding libvirt compute resource ersults in error: Would you mind sharing the denial you get after you executed the above command and set Enforcing again?
I doubt co... Lukas Zapletal
10:26 AM Bug #7524: Adding libvirt compute resource ersults in error: Hey,
no this does not fix the issue ! Maybe the "user_home_dir_t" flag of the parent directory is missing ? Dirk Mayer
11:02 AM Bug #7729 (Closed): Websockify not allowed to read certs: Applied in changeset commit:01ba3e1e9d7b8fdd8d19514f616c04847f4f4d10. Anonymous
04:53 AM Bug #7729 (Ready For Testing): Websockify not allowed to read certs: Stephen Benjamin
04:49 AM Bug #7729 (Closed): Websockify not allowed to read certs: Katello uses certs in /etc/pki/katello for websockets, but access to these is denied by SELinux:
type=AVC msg=... Stephen Benjamin
10:24 AM Bug #7727 (Rejected): Ssh finish script does not work under Enforcing: Ok it really looks like this is issue when connecting to console. Need to dig later on. Lukas Zapletal
04:47 AM Bug #7727 (Rejected): Ssh finish script does not work under Enforcing: As reported here:... Lukas Zapletal
06:22 AM Bug #7719: Selinux prevents console from starting/connecting: Lukas Zapletal wrote:
> Thanks, Andreas. Now, can you describe what actually does not work? The issue is named "Seli... Andreas Pfaffeneder
06:11 AM Bug #7719: Selinux prevents console from starting/connecting: Added foreman-debug-outfile. Andreas Pfaffeneder
05:11 AM Bug #7719: Selinux prevents console from starting/connecting: Thanks, Andreas. Now, can you describe what actually does not work? The issue is named "Selinux prevents console from... Lukas Zapletal
05:00 AM Bug #7719: Selinux prevents console from starting/connecting: type=AVC msg=audit(1411981245.749:98): avc: denied { getattr } for pid=2169 comm="ruby" path="/usr/bin/ssh" dev=dm... Andreas Pfaffeneder
04:52 AM Bug #7719 (Ready For Testing): Selinux prevents console from starting/connecting: The Foreman Bot
04:51 AM Bug #7719: Selinux prevents console from starting/connecting: I created #7729 for the websockets Katello issue Stephen Benjamin
04:45 AM Bug #7719: Selinux prevents console from starting/connecting: Trusting the /etc/pki/katello/certs/katello-default-ca.crt in my browser (FF32.0.3/Windows 7) did not change the beha... Andreas Pfaffeneder
04:45 AM Bug #7719: Selinux prevents console from starting/connecting: Andreas, can you paste us the denials when you run in Enforcing and the console does not work? The output above does ... Lukas Zapletal
04:42 AM Bug #7719: Selinux prevents console from starting/connecting: This looks really like issue for the ssh finish script, because websockify runs in its own domain.
I think we need... Lukas Zapletal
04:41 AM Bug #7719: Selinux prevents console from starting/connecting: Have you trusted the Katello CA certificate in your browser? That should fix the encrypted web sockets.
If you're ... Stephen Benjamin
03:51 AM Bug #7719 (New): Selinux prevents console from starting/connecting: Dominic Cleal
04:59 AM Revision 01ba3e1e: fixes #7729 - allow websockify to read certs: Stephen Benjamin

Also available in: Atom

Project

General

Profile

Foreman » SELinux

Activity

Activity

10/28/2014

10/22/2014

10/21/2014

10/14/2014

10/13/2014

10/10/2014

10/09/2014

10/02/2014

09/30/2014

09/29/2014