openqa/server: set httpd_can_network_connect boolean again :(
Seems there's one more port that needs to be tagged before we can finally unset this: https://bugzilla.redhat.com/show_bug.cgi?id=1277312#c9 Keep the custom policy as well, though, so we just need to update it when that port gets done. Signed-off-by: Adam Williamson <awilliam@redhat.com>
This commit is contained in:
Adam Williamson
parent
2320eef5ee
commit
3dec01a15a
1 changed files with 4 additions and 3 deletions
|
|
@ -302,9 +302,10 @@
|
|||
command: semodule -i /usr/local/share/selinux/httpd-openqa.pp
|
||||
when: selinux_module is changed
|
||||
|
||||
# we used to set this as a bigger hammer to let httpd connect to openQA
|
||||
- name: Unset httpd_can_network_connect SELinux boolean
|
||||
seboolean: name=httpd_can_network_connect state=no persistent=yes
|
||||
# Unfortunately still need this until port 9528 is tagged:
|
||||
# https://bugzilla.redhat.com/show_bug.cgi?id=1277312
|
||||
- name: Set httpd_can_network_connect SELinux boolean
|
||||
seboolean: name=httpd_can_network_connect state=yes persistent=yes
|
||||
|
||||
- name: Allow Apache to read from NFS (as we store test data files there now)
|
||||
seboolean: name=httpd_use_nfs state=yes persistent=yes
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue