A bug was filed the other day claiming that it was impossible to propose bugs as FE or blockers in the blockerbugs app. I have a fix ready that's already deployed to stg and I'd like to move it into prod. After some triage today, it turns out that there were selinux denials on httpd writing to a cookiefile which is required by python-bugzilla and used as part doing the actual proposal. The fix is in three places: - the package was modified to create a directory for the cookiefile that has appropriate permissions and selinux context so that the proposal works. - the code was modified to have a better default cookie location when the app is in production mode code changes for these two changes are at: https://git.fedorahosted.org/cgit/blockerbugs.git/commit/?id=be2a20b9c6868909af279bec6e0ccda53cb36b1a These changes have been built as blockerbugs-0.3.0.3.1-1.el6 and is in the infrastructure-testing repo - the config file in puppet needs to be modified so that it is no longer overriding the default cookie location diff --git a/modules/blockerbugs/templates/blockerbugs-settings.py.erb b/modules/blockerbugs/t index 8c33d6f..5b58b7a 100644 --- a/modules/blockerbugs/templates/blockerbugs-settings.py.erb +++ b/modules/blockerbugs/templates/blockerbugs-settings.py.erb @@ -3,7 +3,6 @@ SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://<%= blockerbugs_app %>:<%= bl FAS_ADMIN_GROUP = "qa-admin" FAS_USER = "<%= blockerbugs_fas_user %>@fedoraproject.org" FAS_PASSWORD = "<%= blockerbugs_fas_password %>" -BUGZILLA_COOKIE = "" # this should be blank for production <% if environment == "staging" %> FAS_HTTPS_REQUIRED = False FAS_CHECK_CERT = False Thanks, Tim
Attachment:
signature.asc
Description: PGP signature
_______________________________________________ infrastructure mailing list infrastructure@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/infrastructure
