Bug #14437
remove apache_manage_sys_content from katello selinux permissions
Description
A previous patch updated katello-selinux to allow writing to /var/www/html/*. This is overly broad and should be constrained further, see https://github.com/Katello/katello-selinux/pull/13#issuecomment-204302997 for a more correct solution.
History
#1
Updated by Lukas Zapletal about 6 years ago
I need to correct my linked statement. That won't work because /var/www/pub is a symlink that has special treatment in SELinux.
I think katello or pulp should provide sensible default instead symlinked /var/www/pub/export. The real path could be used instead: /var/lib/pulp/published/export and then it will work just like that, without the patch that was pushed.
#2
Updated by Eric Helms about 6 years ago
- Legacy Backlogs Release (now unused) set to 114