Project

General

Profile

Actions

Bug #18019

open

[deployment][arvados-formula] selinux breaks many installation steps

Added by Javier Bértoli over 3 years ago. Updated 10 months ago.

Status:
New
Priority:
Normal
Assigned To:
-
Category:
Deployment
Target version:
Story points:
-
Release:
Release relationship:
Auto

Description

Selinux enforces a series of restrictions on ports and paths that applications can bind or use.

In our setup, nginx needs to bind to many restricted ports, passenger needs to write into a restricted path (usually /usr/share/nginx/passenger_temp), etc.

All these fail when SELinux is enabled (ie, Centos-7 has selinux enabled by default).

The formula should:

  • allow to manage the selinux rules required for Arvados
  • allow to disable selinux
  • we should document the changes so any admin that wants to manage some other way can do it.
Actions

Also available in: Atom PDF