Jira (PUP-2413) Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations

2021-01-26 Thread Josh Cooper (Jira) 
Title: Message Title


 
 
 
 

 
 
 

 
   
 Josh Cooper commented on  PUP-2413  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
  Re: Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations   
 

  
 
 
 
 

 
 This ticket has not been updated in some time and is now being closed due to inactivity. This isn’t necessarily a statement that this ticket isn’t important - other issues may have demanded precedence since it was filed, or it may have simply slipped through the cracks. If any viewer/watcher feels closing this ticket is an error, please re-open it and add a comment explaining. Our apologies in advance for any mistake on this.  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian Jira (v8.5.2#805002-sha1:a66f935)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-bugs/JIRA.33904.1398957162000.125724.1611729180022%40Atlassian.JIRA.

Jira (PUP-2413) Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations

2018-09-26 Thread Josh Cooper (JIRA) 
Title: Message Title


 
 
 
 

 
 
 

 
   
 Josh Cooper updated an issue  
 

  
 
 
 
 

 
 
  
 
 
 
 

 
 Puppet /  PUP-2413  
 
 
  Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations   
 

  
 
 
 
 

 
Change By: 
 Josh Cooper  
 
 
Team: 
 Coremunity Platform OS  
 

  
 
 
 
 

 
 
 

 
 
 Add Comment  
 

  
 

  
 
 
 
  
 

  
 
 
 
 

 
 This message was sent by Atlassian JIRA (v7.7.1#77002-sha1:e75ca93)  
 
 

 
   
 

  
 

  
 

   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.

Jira (PUP-2413) Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations

2017-12-07 Thread Jacob Helwig (JIRA) 
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Jacob Helwig updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2413 
 
 
 
  Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations  
 
 
 
 
 
 
 
 
 

Change By:
 
 Jacob Helwig 
 
 
 

Sub-team:
 
 Coremunity 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v7.0.2#70111-sha1:88534db) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.

Jira (PUP-2413) Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations

2017-05-18 Thread Moses Mendoza (JIRA) 
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Moses Mendoza updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2413 
 
 
 
  Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations  
 
 
 
 
 
 
 
 
 

Change By:
 
 Moses Mendoza 
 
 
 

Labels:
 
 selinux  triaged 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.

Jira (PUP-2413) Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations

2017-05-16 Thread John Duarte (JIRA) 
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 John Duarte updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2413 
 
 
 
  Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations  
 
 
 
 
 
 
 
 
 

Change By:
 
 John Duarte 
 
 
 

Labels:
 
 selinux 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.

Jira (PUP-2413) Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations

2017-05-16 Thread Maggie Dreyer (JIRA) 
Title: Message Title
 
 
 
 
 
 
 
 
 
 
  
 
 Maggie Dreyer updated an issue 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 Puppet /  PUP-2413 
 
 
 
  Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations  
 
 
 
 
 
 
 
 
 

Change By:
 
 Maggie Dreyer 
 
 
 

Labels:
 
 selinux  triaged 
 
 
 
 
 
 
 
 
 
 
 
 

 
 Add Comment 
 
 
 
 
 
 
 
 
 
 

 
 
 
 
 
 
 
 
 
 

 This message was sent by Atlassian JIRA (v6.4.14#64029-sha1:ae256fe) 
 
 
 
 
  
 
 
 
 
 
 
 
 
   





-- 
You received this message because you are subscribed to the Google Groups "Puppet Bugs" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-bugs+unsubscr...@googlegroups.com.
To post to this group, send email to puppet-bugs@googlegroups.com.
Visit this group at https://groups.google.com/group/puppet-bugs.
For more options, visit https://groups.google.com/d/optout.

Jira (PUP-2413) Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations

2014-05-01 Thread Logan Attwood (JIRA) 
Title: Message Title










 

 Logan Attwood created an issue


















 Puppet /  PUP-2413



  Attempting to log the output of service initialization on CentOS 6.5 causes SELinux violations 










Issue Type:

  Bug




Assignee:


 Unassigned




Created:


 01/May/14 8:12 AM




Environment:


CentOS 6.5 Puppet 3.5.0




Priority:

  Normal




Reporter:

 Logan Attwood










It looks like puppet is creating a file in /tmp to connect to the stdout of service httpd start to. Out of the box CentOS 6 (and I can only assume RHEL 6) does not permit Apache to write to /tmp, causing an SELinux violation similar to the following:
kernel: type=1400 audit(1398909812.247:10): avc: denied  { read write }
 for pid=20375 comm=httpd path=/tmp/puppet20140501-19869-xtobvy-0 dev=xvde ino=18584 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:initrc_tmp_t:s0 tclass=file
I suspect this had to do with bringing the service resource providers up to feature parity with the exec resource providers.
The workaround would be to accept not getting Apache's startup output when using Puppet, or create an selinux module to permit apache writing to /tmp.