Re: Further Freeze Break Request: Fix selinux for memcached+collectd

Pierre-Yves Chibon <pingou@xxxxxxxxxxxx> · Wed, 19 Nov 2014 17:41:37 +0100



On Wed, Nov 19, 2014 at 11:20:45AM -0500, Ralph Bean wrote:
> I applied the original patch, but selinux is blocking collectd from
> connecting to the local memcached instance.
> 
> This followup patch should fix that.  Any add-on +1s?
> 
> diff --git a/roles/collectd/memcached/tasks/main.yml b/roles/collectd/memcached/tasks/main.yml
> index 3023af7..fc0d04f 100644
> --- a/roles/collectd/memcached/tasks/main.yml
> +++ b/roles/collectd/memcached/tasks/main.yml
> @@ -3,6 +3,23 @@
>  - name: Copy in the memcached collectd config
>    copy: src=memcached.conf dest=/etc/collectd.d/memcached.conf
>    tags:
> +  - collectd/memcached
>    - collectd
>    - memcached
>    notify: restart collectd
> +
> +- name: Ensure that semanage is present
> +  yum: name=policycoreutils-python state=present
> +  tags:
> +  - collectd/memcached
> +  - collectd
> +  - memcached
> +  - selinux
> +
> +- name: lastly, set some selinux booleans
> +  seboolean: name=collectd_tcp_network_connect persistent=yes state=yes
> +  tags:
> +  - collectd/memcached
> +  - collectd
> +  - memcached
> +  - selinux

+1

Pierre
Attachment:
pgpD7mbGAl9zr.pgp

Description: PGP signature
_______________________________________________
infrastructure mailing list
infrastructure@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/infrastructure