General

Profile

Milan Broz

Issues

Activity

09/09/2015

06:39 AM teuthology Bug #12972: SELinux denial: syslogd on sda1?
Sigh, this is really stupid tracker... here with fixed syntax, seems I cannot edit my comments.
Probably missing d...
06:32 AM teuthology Bug #12972: SELinux denial: syslogd on sda1?
Probably missing directory flag, see this example (/home/ceph_log):
# ls -lZ
drwxr-xr-x. 2 root root unconfined_u...

08/27/2015

12:34 AM Ceph Revision 09db67fd (ceph): ceph-disk: set owner of created files to ceph
Signed-off-by: Milan Broz <mbroz@redhat.com>
12:34 AM Ceph Revision 52e978e4 (ceph): Set keys owner to ceph user if exists.
Also fix directory access rigths.
Signed-off-by: Milan Broz <mbroz@redhat.com>
12:34 AM Ceph Revision 8bd35bd6 (ceph): Set Ceph device partitions owner to ceph user in udev.
Signed-off-by: Milan Broz <mbroz@redhat.com>

08/25/2015

06:09 AM Ceph Bug #12755: selinux: ceph-mon denial on wip-user
Anyway, short info how to interpret it:
- install policycore-utils
- we can list "ceph_t" AVC rom autidt usin...
06:00 AM Ceph Bug #12755: selinux: ceph-mon denial on wip-user
Probably it just need some new rule in selinux policy. How it can be reproduced, is is part of a regular tests run?

08/18/2015

12:52 PM Ceph Bug #12718: ceph-disk always calls restorecon
Interesting, I have if which('restorecon') here locally.
Some wrong patch was merged then...
12:25 PM Ceph Revision 28d3c4c9 (ceph): Do not use hardcoded paths in spec post section for selinux commands.
Signed-off-by: Milan Broz <mbroz@redhat.com>
12:25 PM Ceph Revision fa2203e9 (ceph): Add dependence to selinux-policy-base to fix installation in kickstart.
Signed-off-by: Milan Broz <mbroz@redhat.com>

Also available in: Atom