]> git.apps.os.sepia.ceph.com Git - ceph.git/commitdiff
projects / ceph.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1dfef83)
selinux: allow ceph_t amqp_port_t:tcp_socket
authorkalebskeithley <kaleb@redhat.com>
Wed, 8 Jul 2020 19:20:30 +0000 (15:20 -0400)
committerNathan Cutler <ncutler@suse.com>
Thu, 23 Jul 2020 14:47:21 +0000 (16:47 +0200)
allow ceph_t amqp_port_t:tcp_socket name_connect;
allow ceph_t soundd_port_t:tcp_socket name_connect;

Required for running RabbitMQ

(soundd_port_t) for running RabbitMQ on port 8000

Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1854083
Signed-off-by: Kaleb S. KEITHLEY <kkeithle@redhat.com>
(cherry picked from commit 05c523185b2d5ddd9e10f425c7e1f1ee1e409ba2)

selinux/ceph.te patch | blob | history

diff --git a/selinux/ceph.te b/selinux/ceph.te
index 12fbcc1f5d3965f97c12b9530a6655224834faa5..a79ee7edf6a0b83c5cfbe774f755a109e7150f17 100644 (file)
--- a/selinux/ceph.te
+++ b/selinux/ceph.te
@@ -89,6 +89,8 @@ corenet_tcp_sendrecv_cyphesis_port(ceph_t)
 
 allow ceph_t commplex_main_port_t:tcp_socket name_connect;
 allow ceph_t http_cache_port_t:tcp_socket name_connect;
+allow ceph_t amqp_port_t:tcp_socket name_connect;
+allow ceph_t soundd_port_t:tcp_socket name_connect;
 
 corecmd_exec_bin(ceph_t)
 corecmd_exec_shell(ceph_t)
Unnamed repository; edit this file 'description' to name the repository.