Project

General

Profile

SELinux » History » Version 2

Lukas Zapletal, 07/19/2013 10:16 AM

1 1 Lukas Zapletal
h1. SELinux
2
3
Foreman RHEL6 release fully supports SELinux. Currently the following processes are confined:
4
5
 * Foreman Rails application running under Passenger
6
7 2 Lukas Zapletal
Our policy lives in: https://github.com/theforeman/foreman-selinux
8 1 Lukas Zapletal
9
h2. How to report errors
10
11
Please open ordinary issues and set component to "SELinux". Also give us information about how to reproduce denials and full log from the audit.log:
12
13
    grep AVC /var/log/audit/audit.log
14
15
Providing information via foreman-debug command also helps us with investigating.
16
17
h2. Tips for debugging
18
19
You can run a script in passenger_t policy easily
20
21
    runcon -u system_u -r system_r -t unconfined_t -- runcon -t passenger_t -- <your_script>
22
23
To reinitialize selinux use
24
25
    semodule -B
26
27
or
28
29
    setenforce 1 && setenforce 0