Project

General

Profile

Feature #2125

SELinux support

Added by Ewoud Kohl van Wijngaarden over 6 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Normal
Assignee:
Sam Kottler
Category:
Security
Target version:
Difficulty:
medium
Triaged:
No
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Currently foreman and SELinux enforcing mode don't play nice together. It would be nice if they did.

Associated revisions

Revision 3129deef (diff)
Added by Sam Kottler about 6 years ago

Fixes #2125: add support for running Foreman with selinux enabled

History

#1 Updated by Glen Ogilvie over 6 years ago

I wrote some SELinux rules to get this to work on a server I am running Foreman on.

They might be allowing too much access, but better than turning of SELinux.

Let me know if you would like them attached to this ticket. They are for RHEL6

#2 Updated by Ewoud Kohl van Wijngaarden over 6 years ago

I'm certainly interested. Though my SELinux knowledge is limited I'm sure we can get people to review it.

#3 Updated by Sam Kottler about 6 years ago

  • Category set to Security
  • Assignee set to Sam Kottler
  • Target version set to 1.2.0
  • Difficulty set to medium

I'm working on this now, in fact it's nearly done!

My plan is to email the developer list with a beta package for foreman core, but there will also be smart proxy packages available soon.

#4 Updated by Sam Kottler about 6 years ago

  • Status changed from New to Closed
  • % Done changed from 0 to 100

Applied in changeset commit:"3129deefe7bb5140f48d2b50eab84c0322089ea5".

Also available in: Atom PDF