Activity
From 05/12/2020 to 06/10/2020
06/09/2020
- 11:01 AM Bug #30069 (Closed): Apache httpd is not allowed to read puppet certs
- Applied in changeset commit:fc3eb992a285bc701e8327815c43761a094b2a67.
- 09:26 AM Bug #30069 (Ready For Testing): Apache httpd is not allowed to read puppet certs
- 09:24 AM Bug #30069 (Closed): Apache httpd is not allowed to read puppet certs
- SSIA
- 10:35 AM Revision fc3eb992: Fixes #30069 - allow reading puppet certs to httpd
06/03/2020
- 09:01 AM Refactor #29778 (Closed): Implement puma policy
- Applied in changeset commit:3087a3f799d112211c9eae35b2fe92a3e718621f.
- 08:36 AM Refactor #29778: Implement puma policy
- We are not removing passenger policy yet, it can be enabled just in case Puma does not work well.
- 08:05 AM Revision 3087a3f7: Fixes #29778 - puma policy, passenger optional
05/29/2020
- 08:35 AM Feature #29957 (Closed): Remove docker rules and foreman_container_t port assignment and type
- From the policy, this can be painful, take care of smooth upgrade path!
05/28/2020
- 08:24 AM Bug #29882: Denial when clicking on Cockpit button
- Tomer, I have cherry picked this fix into 2.1-stable. Please release foreman-selinux for the next rc/final.
5ef339...
05/27/2020
- 10:01 AM Bug #29882 (Closed): Denial when clicking on Cockpit button
- Applied in changeset commit:59156f4a590f603e19c4f7b376e982afa58c6d94.
- 09:03 AM Revision 59156f4a: Fixes #29882 - allow cockpit connections (#101)
- 08:36 AM Bug #19005 (Rejected): AVCs as Foreman fails to transition to passenger_t on Fedora 24
- I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th...
- 08:36 AM Bug #17093 (Rejected): Passenger not transitioning to passenger_t with upstream packages
- I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th...
- 08:35 AM Bug #16513 (Resolved): Foreman app is denied connecting to Puppet Master
- Implemented some time ago.
- 08:31 AM Bug #12991 (Rejected): puppetdb connectivity should be allowed by passengr_run_puppetmaster
- We have this in the policy:
```
# Connecting to puppet server
optional_policy(`
tunable_policy(`foreman_rai... - 08:25 AM Bug #12398 (Resolved): Write to /var/run/foreman/pids/dynflow_executor.output is prevented
- 08:23 AM Bug #9804 (Rejected): Initial relabeling of puppet fails on RHEL7
- I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th...
- 08:22 AM Bug #6316 (Resolved): Break up foreman, puppetmaster and passenger domains
- I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th...
- 08:22 AM Bug #6115 (Rejected): Denials with nightly
- I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th...
- 07:30 AM Feature #29937 (Rejected): Write policy for smart-proxy-dynflow-core
- SSIA
05/20/2020
05/19/2020
- 03:07 PM Bug #29882 (Closed): Denial when clicking on Cockpit button
- Domains problem....
05/15/2020
05/14/2020
- 08:46 AM Refactor #29778: Implement puma policy
- Since all rules will be very likely the same, it's better to do this in a single commit rather than remove all then a...
05/13/2020
Also available in: Atom