Feature #2820
Updated by Lukas Zapletal almost 12 years ago
Thank to PassengerRuby feature in Passenger 4.0, it is possible to setup different Ruby binary for each Ruby application. We need to create /usr/bin/ruby-foreman and ruby-puppetmaster with proper selinux contexts and configure this in httpd. For Foreman we will move from passenger_t to newly created foreman_t domain and change our policy. For puppetmaster we will reuse puppetmaster_t domain which is already present in the base policy (and works with puppetmaster/webrick already). We can use this from Fedora 20 (passenger 4.0). In Fedora 19 we cannot apply this approach as there is 3.0 version and in RHEL 6.4 passenger_t already have puppetmaster rules. As a workaround for F19, we will temporarily allow passenger_t to do puppetmaster stuff.