Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

selinux patch for symlinks #3713

Open
johrstrom opened this issue Aug 5, 2024 · 2 comments
Open

selinux patch for symlinks #3713

johrstrom opened this issue Aug 5, 2024 · 2 comments
Labels
area/installation
Milestone
4.1

Comments

@johrstrom
Copy link
Contributor

From discourse: https://discourse.openondemand.org/t/selinux-accessing-home-directory-issue/3664

Our selinux policy seems to need the ability to modify symlinks which this discourse user provides the patch for. This ticket is to apply said patch.
@johrstrom johrstrom added this to the 4.0 milestone Aug 5, 2024
@hsmallbone
Copy link

hsmallbone commented Aug 6, 2024
edited
Loading

I think this is just accessing files through the gateway symlink suggested by the docs for developing apps?
I have applied this patch but it doesn't seem to help persistently (i.e. every time I try again it will error out).

Also more generally the ood_pun_t context doesn't seem to be able to access user_home_t

@hsmallbone
Copy link

I have just patched such that ood_pun_t can access user_home_t.
We now have several selinux policies but I am not sure which of them are due to our unique position of login node being the same as compute node.

@johrstrom johrstrom modified the milestones: 4.0, 4.1 Oct 30, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
area/installation
Projects
None yet
Milestone
4.1
Development

No branches or pull requests
2 participants
@hsmallbone @johrstrom