From 79f2f8c8fbf2ae312df13c55ff0903cc03b29c2e Mon Sep 17 00:00:00 2001 From: Sage Weil Date: Mon, 2 May 2016 23:08:40 -0400 Subject: [PATCH] task/selinux: another pcp whitelist SELinux denials found on ubuntu@smithi027.front.sepia.ceph.com: ['type=AVC msg=audit(1462234212.274:85266): avc: denied { read } for pid=1984 comm="pmcd" name="pmlogger_daily.pid" dev="tmpfs" ino=1474542 scontext=system_u:system_r:pcp_pmcd_t:s0 tcontext=system_u:object_r:cron_var_run_t:s0 tclass=file'] Signed-off-by: Sage Weil --- teuthology/task/selinux.py | 1 + 1 file changed, 1 insertion(+) diff --git a/teuthology/task/selinux.py b/teuthology/task/selinux.py index bc1f58cb88..f540fea149 100644 --- a/teuthology/task/selinux.py +++ b/teuthology/task/selinux.py @@ -115,6 +115,7 @@ class SELinux(Task): 'name="cephtest"', 'scontext=system_u:system_r:nrpe_t:s0', 'scontext=system_u:system_r:pcp_pmlogger_t', + 'scontext=system_u:system_r:pcp_pmcd_t:s0', ] se_whitelist = self.config.get('whitelist', []) if se_whitelist: -- 2.39.5