Bug #15639: OpenStack 8774 port is not associated on RHEL6 - SELinux - Foreman

Bug #15639

OpenStack 8774 port is not associated on RHEL6

Added by Lukas Zapletal over 3 years ago. Updated over 1 year ago.

Status:

Closed

Priority:

Normal

Assignee:

Lukas Zapletal

Category:

Compute resources

Target version:

1.11.4

Difficulty:

trivial

Triaged:

Bugzilla link:

Pull request:

https://github.com/theforeman/foreman-selinux/pull/58

Fixed in Releases:

Found in Releases:

Description

On RHEL6 the port is not correctly associated in the enable script due to shell comparison typo:

[root@abc ~]# semanage port -l | grep 8774

Therefore provisioning fails:

type=AVC msg=audit(1467663634.790:77212): avc: denied { name_connect } for pid=7928 comm="diagnostic_con*" dest=8774 scontext=unconfined_u:system_r:passenger_t:s0 tcontext=system_u:object_r:port_t:s0 tclass=tcp_socket

This was discovered during QA of: https://bugzilla.redhat.com/show_bug.cgi?id=1318327

Related issues

Associated revisions

Revision 4494139d (diff)
Added by Lukas Zapletal over 3 years ago

Fixes #15639 - OpenStack port assigned on RHEL6 (#58)

History

#1 Updated by The Foreman Bot over 3 years ago

Status changed from New to Ready For Testing
Pull request https://github.com/theforeman/foreman-selinux/pull/58 added

#2 Updated by Lukas Zapletal over 3 years ago

Status changed from Ready For Testing to Closed
% Done changed from 0 to 100

Applied in changeset 4494139d280e21911fb16cd7d0d830804be5b31d.

#3 Updated by Dominic Cleal over 3 years ago

Related to Bug #10443: Foreman cannot connect to OpenStack added

#4 Updated by Dominic Cleal over 3 years ago

Legacy Backlogs Release (now unused) set to 169

Also available in: Atom PDF

Project

General

Profile

Foreman » SELinux

Issues

Custom queries