Hello Neil, Many thanks for reporting issues that you had with Baculum and for proposed solutions.
I will check and fix it soon. Currently I am on short vacation and I don't have access to my workstation but I am comming back on Sunday and then I will answer. Best regards, Marcin Haba (gani) On Wed, 11 Mar 2020 at 21:42, Neil MacGregor <neil.macgre...@ualberta.ca> wrote: > > Hi, I'm still a noob, working through a new install. > > I see others (eg November 2019) struggled with SELinux issues, when Baculum > v9.4.4 was new. > However, I have seen some issues with my brand new install of v9.6.2. I read > in the new release notes that this was *supposed* to work, so I confirmed I > have the selinux packages installed for both the API and Web components. > > Issues I had: > > setroubleshoot[44023]: SELinux is preventing /usr/sbin/unix_chkpwd from > getattr access on the file /etc/shadow. (seems more like an OS problem?) > setroubleshoot[44401]: SELinux is preventing /usr/sbin/httpd from write > access on the file /opt/bacula/etc/bacula-dir.conf. > setroubleshoot[44299]: SELinux is preventing /opt/bacula/bin/bconsole from > write access on the file .bconsole_history > setroubleshoot[3867]: SELinux is preventing /usr/sbin/sendmail.postfix from > read access on the file /etc/postfix/main.cf ( only if you mangle the syntax > in your sudoers file! ) > > Workarounds I implemented: > > ausearch -c 'unix_chkpwd' --raw | audit2allow -M my-unixchkpwd > semodule -i my-unixchkpwd.pp > > ausearch -c 'httpd' --raw | audit2allow -M my-httpd > semodule -i my-httpd.pp > > ausearch -c 'bconsole' --raw | audit2allow -M my-bconsole > semodule -i my-bconsole.pp > > setsebool -P httpd_can_sendmail=1 > > I didn't have a question, I just thought perhaps the feedback might be useful > to anyone else on the same version, having the same problems & searching the > list for solutions. Perhaps these could be integrated for the next version. > > Overall, I'm very impressed with Bacula, and getting to know Baculum, so > thanks for the amazing work on these products! > > I'm on CentOS7, fully patched, fresh install, a VM under oViirt. > >> [root@bac-rec-test-1 ~]# rpm -qa | grep baculum >> baculum-common-9.6.2-1.el7.noarch >> baculum-web-httpd-9.6.2-1.el7.noarch >> baculum-web-9.6.2-1.el7.noarch >> baculum-api-httpd-9.6.2-1.el7.noarch >> baculum-api-selinux-9.6.2-1.el7.noarch >> baculum-api-9.6.2-1.el7.noarch >> baculum-web-selinux-9.6.2-1.el7.noarch > > > And >> >> [root@bac-rec-test-1 ~]# rpm -qa | grep bacula >> bacula-postgresql-9.6.2-1.el7.x86_64 >> bacula-libs-9.6.2-1.el7.x86_64 > > > Feel free to let me know if you have any questions. > -- > -Neil > 780-492-3155 > University of Alberta Libraries > 4-30 Cameron Library > _______________________________________________ > Bacula-users mailing list > Bacula-users@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bacula-users -- "Greater love hath no man than this, that a man lay down his life for his friends." Jesus Christ "Większej miłości nikt nie ma nad tę, jak gdy kto życie swoje kładzie za przyjaciół swoich." Jezus Chrystus _______________________________________________ Bacula-users mailing list Bacula-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bacula-users
