On 06/12/2014 10:14 AM, Richard Shaw wrote: > On Thu, Jun 12, 2014 at 6:56 AM, Daniel J Walsh <dwa...@redhat.com > <mailto:dwa...@redhat.com>> wrote: > >> The full unifi software is java with a mongodb database backend >> and works fine. I have a RPM I created, the only problem I >> haven't been able to fix is the selinux issues, one for the >> private mongodb instance, and then the ports it binds to. > Please open a bugzilla for the SELinux issues. > > > Before I open a BZ, here's what I have in my spec file which from what > I understand should be persistent... > > %posttrans > /usr/sbin/semanage fcontext -e /var/lib/mongod "/var/lib/unifi/logs(/.*)?" > /usr/sbin/semanage fcontext -e /var/lib/mongod "/var/lib/unifi/data(/.*)?" > /usr/sbin/semanage port -m -t mongod_port_t 27117 > > Or should this be handled in a policy? > > Thanks, > Richard > > I think your post install should look like.
/usr/sbin/semanage fcontext -e /var/log/mongod "/var/lib/unifi/logs" /usr/sbin/semanage fcontext -e /var/lib/mongod "/var/lib/unifi/data" /usr/sbin/semanage port -m -t mongod_port_t 27117 Don't use the regex. Also I would figure the logs should be labeled mongod_log_t rather then mongod_lib_t. If this is a standard location for this code, we should put it into the base package.
-- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
