SELinux » History » Revision 3
Revision 2 (Lukas Zapletal, 07/19/2013 10:16 AM) → Revision 3/4 (Lukas Zapletal, 07/19/2013 10:19 AM)
h1. SELinux
Foreman RHEL6 release fully supports SELinux. Currently the following processes are confined:
* Foreman Rails application running under Passenger
Our policy lives in: https://github.com/theforeman/foreman-selinux
h2. How to report errors
Please open ordinary issues and set component to "SELinux". Also give us information about how to reproduce denials and full log from the audit.log:
grep AVC /var/log/audit/audit.log
Providing information via foreman-debug command also helps us with investigating.
h2. Tips for debugging
If you identify part of code you want to test separatey, you You can run a script in passenger_t policy easily
runcon -u system_u -r system_r -t unconfined_t -- runcon -t passenger_t -- your_script.rb <your_script>
To reinitialize selinux use
semodule -B
or
setenforce 1 && setenforce 0