Project

General

Profile

Activity

From 05/12/2020 to 06/10/2020

06/09/2020

11:01 AM Bug #30069 (Closed): Apache httpd is not allowed to read puppet certs
Applied in changeset commit:fc3eb992a285bc701e8327815c43761a094b2a67. Anonymous
09:26 AM Bug #30069 (Ready For Testing): Apache httpd is not allowed to read puppet certs
The Foreman Bot
09:24 AM Bug #30069 (Closed): Apache httpd is not allowed to read puppet certs
SSIA Lukas Zapletal
10:35 AM Revision fc3eb992: Fixes #30069 - allow reading puppet certs to httpd
Lukas Zapletal

06/03/2020

09:01 AM Refactor #29778 (Closed): Implement puma policy
Applied in changeset commit:3087a3f799d112211c9eae35b2fe92a3e718621f. Anonymous
08:36 AM Refactor #29778: Implement puma policy
We are not removing passenger policy yet, it can be enabled just in case Puma does not work well. Lukas Zapletal
08:05 AM Revision 3087a3f7: Fixes #29778 - puma policy, passenger optional
Lukas Zapletal

05/29/2020

08:35 AM Feature #29957 (Closed): Remove docker rules and foreman_container_t port assignment and type
From the policy, this can be painful, take care of smooth upgrade path! Lukas Zapletal

05/28/2020

08:24 AM Bug #29882: Denial when clicking on Cockpit button
Tomer, I have cherry picked this fix into 2.1-stable. Please release foreman-selinux for the next rc/final.
5ef339... Lukas Zapletal

05/27/2020

10:01 AM Bug #29882 (Closed): Denial when clicking on Cockpit button
Applied in changeset commit:59156f4a590f603e19c4f7b376e982afa58c6d94. Anonymous
09:03 AM Revision 59156f4a: Fixes #29882 - allow cockpit connections (#101)
Lukáš Zapletal
08:36 AM Bug #19005 (Rejected): AVCs as Foreman fails to transition to passenger_t on Fedora 24
I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th... Lukas Zapletal
08:36 AM Bug #17093 (Rejected): Passenger not transitioning to passenger_t with upstream packages
I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th... Lukas Zapletal
08:35 AM Bug #16513 (Resolved): Foreman app is denied connecting to Puppet Master
Implemented some time ago. Lukas Zapletal
08:31 AM Bug #12991 (Rejected): puppetdb connectivity should be allowed by passengr_run_puppetmaster
We have this in the policy:
```
# Connecting to puppet server
optional_policy(`
tunable_policy(`foreman_rai... Lukas Zapletal
08:25 AM Bug #12398 (Resolved): Write to /var/run/foreman/pids/dynflow_executor.output is prevented
Lukas Zapletal
08:23 AM Bug #9804 (Rejected): Initial relabeling of puppet fails on RHEL7
I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th... Lukas Zapletal
08:22 AM Bug #6316 (Resolved): Break up foreman, puppetmaster and passenger domains
I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th... Lukas Zapletal
08:22 AM Bug #6115 (Rejected): Denials with nightly
I am doing a cleanup of old SELinux bug reports. We are removing puppetmaster policy based on passenger_t, most of th... Lukas Zapletal
07:30 AM Feature #29937 (Rejected): Write policy for smart-proxy-dynflow-core
SSIA Lukas Zapletal

05/20/2020

09:36 AM Bug #29882 (Ready For Testing): Denial when clicking on Cockpit button
The Foreman Bot

05/19/2020

03:07 PM Bug #29882 (Closed): Denial when clicking on Cockpit button
Domains problem.... Lukas Zapletal

05/15/2020

10:32 AM Refactor #29778 (Ready For Testing): Implement puma policy
The Foreman Bot

05/14/2020

08:46 AM Refactor #29778: Implement puma policy
Since all rules will be very likely the same, it's better to do this in a single commit rather than remove all then a... Lukas Zapletal

05/13/2020

06:21 PM Revision 99d8769b: Bump version to 2.2-develop
Tomer Brisker
12:31 PM Refactor #29778 (Closed): Implement puma policy
Eric Helms
 

Also available in: Atom