Commit Graph

7 Commits

Author SHA1 Message Date
Boris Ranto
338bd3d177 selinux: Update policy for radosgw
The current SELinux policy does not cover radosgw daemon. This patch
introduces the SELinux support for radosgw daemon (civetweb only).

Signed-off-by: Boris Ranto <branto@redhat.com>
2015-09-11 11:08:08 +02:00
Boris Ranto
736fe06235 selinux: Add .gitignore file
The gitbuilders release script needs this. Otherwise, the ceph-release
build will fail because there were some untracked files.

Signed-off-by: Boris Ranto <branto@redhat.com>
2015-08-05 15:21:47 +02:00
Boris Ranto
73bf34d90f selinux: Update the SELinux policy rules
Few new denials were found while testing the policy. Updating the policy
rules to refelct that.

Signed-off-by: Boris Ranto <branto@redhat.com>
2015-08-05 15:21:47 +02:00
Boris Ranto
03d7a65b94 SELinux Makefile can't work in parallel
We need to force single-core compilation of SELinux policy files in the
sub-make target as SELinux Makefile does not work properly when run in
parallel mode.

Signed-off-by: Boris Ranto <branto@redhat.com>
2015-08-05 15:21:47 +02:00
Boris Ranto
bed5703367 selinux: Allow setuid and setgid to ceph-mon and ceph-osd
Signed-off-by: Boris Ranto <branto@redhat.com>
2015-08-05 15:21:47 +02:00
Milan Broz
d0fd8ffa40 Update selinux policy (after local test).
Changes enerated with ceph-test package.

Signed-off-by: Milan Broz <mbroz@redhat.com>
2015-08-05 15:21:47 +02:00
Boris Ranto
c52eb995e0 Add initial SELinux support
This patch modifies the build system and spec file to provide a support
for SELinux enforcing in an opt-in matter via ceph-selinux package.

Signed-off-by: Boris Ranto <branto@redhat.com>
2015-08-05 15:21:41 +02:00