OpenStack-Ansible

Hosts role should set SELinux into permissive mode

Bug #1657517 reported by Major Hayden
12
This bug affects 2 people
Affects Status Importance Assigned to Milestone
OpenStack-Ansible
Fix Released
Undecided
Major Hayden

Bug Description

There are still a few bugs within the CentOS deployment (especially around keepalived's ping functionality) which cause SELinux AVC's. We should set SELinux into permissive mode until those are fixed.

And yes, this is extremely painful for me to write.

See original description
Major Hayden (rackerhacker)
description: updated
Revision history for this message
Sam Yaple (s8m) wrote :

https://major.io/2013/04/15/seriously-stop-disabling-selinux/

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix proposed to openstack-ansible (master)

Fix proposed to branch: master
Review: https://review.openstack.org/422668

Changed in openstack-ansible:
status: New → In Progress
OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Major Hayden (rackerhacker) → Kevin Carter (kevin-carter)
OpenStack Infra (hudson-openstack)
Changed in openstack-ansible:
assignee: Kevin Carter (kevin-carter) → Major Hayden (rackerhacker)
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to openstack-ansible (master)

Reviewed: https://review.openstack.org/422668
Committed: https://git.openstack.org/cgit/openstack/openstack-ansible/commit/?id=eb6992174fdb9d198d89b8045424686972e17afc
Submitter: Jenkins
Branch: master

commit eb6992174fdb9d198d89b8045424686972e17afc
Author: Major Hayden <email address hidden>
Date: Thu Jan 19 08:52:25 2017 -0600

    Don't enforce SELinux policy temporarily

    This patch sets a variable that temporarily avoids putting SELinux
    into enforcing mode until some additional policy can be written.

    Please note the **temporarily** in the commit message. I've had enough
    trolling about this already. ;)

    Closes-Bug: 1657517
    Change-Id: I898ec5ae646dbe444b85c2f919f75c53971fabdf

Changed in openstack-ansible:
status: In Progress → Fix Released
Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix included in openstack/openstack-ansible 15.0.0.0b3

This issue was fixed in the openstack/openstack-ansible 15.0.0.0b3 development milestone.

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.