Katello ping controller executes init scripts
Cloned from https://bugzilla.redhat.com/show_bug.cgi?id=1105085
Model class app/models/katello/ping.rb executes /etc/init.d/katello-jobs. This is security concern.
I am allowing this in our SELinux policy for now, because katello-jobs service will be removed for GA and it will be replaced by dynflow engine. All other services are checked with their API, I expect the same for dynflow so no services are needed to be executed at all.
Please remove this exec for GA once dynflow engine replace katello-jobs. Once this task is done, please raise a BZ on SELinux component to remove the rules.
PM: Please waive this for GA not Beta.