[katello-devel] Katello, Foreman and SELinux
Bryan Kearney
bkearney at redhat.com
Wed Nov 28 16:40:11 UTC 2012
On 11/28/2012 08:19 AM, Miroslav Grepl wrote:
> On 11/28/2012 02:15 PM, Miroslav Suchy wrote:
>> On 28.11.2012 13:46, Lukas Zapletal wrote:
>>> If we would like to confine thin processes (or perhaps mod_passenger
>>> processes) for both Katello and Foreman, we would need to extend our
>>> policy with this and also use the thin_t context as a template:
>>
>> Personally I would not spend time on confining thin.
>>
>> What about finishing:
>> https://github.com/Katello/katello/pull/1041
>>
>> We can import selinux-policy package from RHEL6.4 Alpha into rhel6
>> thirdparty temporally . And hopefuly finish it.
>>
>> This would save us a lot of work.
>>
>> Hmm, and even without it... can we use selinux transitions?
>>
>> http://danwalsh.livejournal.com/23944.html
>>
>> Mirek
>>
>> _______________________________________________
>> katello-devel mailing list
>> katello-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/katello-devel
> The problem is we have different thin policies for RHEL6 against
> Fedora17+. It just works in RHEL6 because we have
>
> optional_policy(`
> unconfined_domain(thin_t)
> ')
Can we add this for F17?
-- bk
More information about the katello-devel
mailing list