Daniel, can you point me to some docs on how to do this? On Tue, Jan 17, 2012 at 3:41 PM, Daniel J Walsh <dwa...@redhat.com> wrote:
> -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 01/17/2012 02:12 PM, Jon VanAlten wrote: > > > > > > ----- Original Message ----- > >> From: "Nathaniel McCallum" <nathan...@natemccallum.com> To: > >> "Development discussions related to Fedora" > >> <devel@lists.fedoraproject.org> Sent: Tuesday, January 17, 2012 > >> 1:24:25 PM Subject: Testing needed (mongodb) > >> > >> I've built packages of MongoDB 2.0.2 for f15, f16 and f17. This > >> should be a drop in replacement for your 1.8.x server. See > >> > http://www.mongodb.org/display/DOCS/2.0+Release+Notes#2.0ReleaseNotes-Upgradingfor > >> > >> > further details. > >> > >> However, I had to rewrite the patch providing js 1.8.5 support. > >> So I'd like some hands on testing before I push out this update. > >> > >> The builds should appear shortly in updates-testing and you can > >> provide here: > >> https://admin.fedoraproject.org/updates/mongodb-2.0.2-5.fc15 > >> https://admin.fedoraproject.org/updates/mongodb-2.0.2-5.fc16 > >> > >> Thanks! > >> > >> Nathaniel > >> > >> -- devel mailing list devel@lists.fedoraproject.org > >> https://admin.fedoraproject.org/mailman/listinfo/devel > > > > Hi, > > > > Am using the java driver not javascript so I can't really comment > > to your rewritten patch, but I can say that the F15 packages seem > > to be functioning fine as dropin replacement. There is, however, a > > new SELinux alert (pasted below). I don't see anything terrible in > > /var/log/mongodb/mongodb.log and this alert doesn't seem to affect > > functionality. > > > > cheers, jon > > > > SELinux is preventing /usr/bin/mongod from getattr access on the > > file /proc/sys/vm/zone_reclaim_mode. > > > > ***** Plugin catchall (100. confidence) suggests > > *************************** > > > > If you believe that mongod should be allowed getattr access on the > > zone_reclaim_mode file by default. Then you should report this as a > > bug. You can generate a local policy module to allow this access. > > Do allow this access for now by executing: # grep mongod > > /var/log/audit/audit.log | audit2allow -M mypol # semodule -i > > mypol.pp > > > > Additional Information: Source Context > > system_u:system_r:mongod_t:s0 Target Context > > system_u:object_r:sysctl_vm_t:s0 Target Objects > > /proc/sys/vm/zone_reclaim_mode [ file ] Source > > mongod Source Path /usr/bin/mongod Port > > <Unknown> Host <HOST> Source RPM Packages > > mongodb-server-2.0.2-5.fc15 Target RPM Packages Policy RPM > > selinux-policy-3.9.16-48.fc15 Selinux Enabled True > > Policy Type targeted Enforcing Mode > > Enforcing Host Name toxin Platform > > Linux <HOST> 2.6.41.4-1.fc15.x86_64 #1 SMP Tue Nov 29 11:53:48 UTC > > 2011 x86_64 x86_64 Alert Count 3 First Seen > > Tue 17 Jan 2012 02:00:14 PM EST Last Seen Tue > > 17 Jan 2012 02:02:46 PM EST Local ID > > bc6ed9f8-5013-4aff-8b7d-c45c3add2e04 > > > > Raw Audit Messages type=AVC msg=audit(1326826966.315:388): avc: > > denied { getattr } for pid=28298 comm="mongod" > > path="/proc/sys/vm/zone_reclaim_mode" dev=proc ino=515586 > > scontext=system_u:system_r:mongod_t:s0 > > tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=file > > I have no problem adding this access. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.4.11 (GNU/Linux) > Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ > > iEYEARECAAYFAk8V3RIACgkQrlYvE4MpobPT1gCgye893V1cMrUPA58ta0Gmt4sW > i2AAoKPU29J9def7CYVTsRXTJRQ8m7aK > =VS7p > -----END PGP SIGNATURE----- > -- > devel mailing list > devel@lists.fedoraproject.org > https://admin.fedoraproject.org/mailman/listinfo/devel >
-- devel mailing list devel@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/devel