On 06/15/2011 04:42 PM, Dominick Grift wrote:
Ok, thanks a lot, Dominick.On Wed, 2011-06-15 at 17:09 -0430, Marcos Ortiz wrote:Regards to all the list I was wondering if any of you have deployed Traffic Server under SELinux Âs policies? If itÂs true, Where I can find the work?I suspect selinux does not "support" that yet. You can determine by grepping the "Traffic server" process in ps -auxZ. If it is running in the initrc_t domain then that means that SELinux is currently not aware of this application. In that case we can work to make SELinux support this application. If you want to help us support this application let us know so that we can make arrangements to get this going.-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux I think thatÂs a good start to me. Well, for anyone that donÂt know what is Apache Traffic Server, I let its description from its own official site: Apache Traffic Serverâ is fast, scalable and extensible HTTP/1.1 compliant caching proxy server. Formerly a commercial product, Yahoo! donated it to the Apache Foundation, and is now an Apache TLP. TS can be deployed in three modes: - as a web proxy proxy cache - as a reverse proxy - In a cache hierarchy Everything can be read here for version 2: http://trafficserver.apache.org/docs/v2/admin/intro.htm and here for version 3 http://trafficserver.apache.org/docs/v3/admin/intro.htm There are there processes that work together to serve TS request and manage/control/monitor the health of the completed system: - The traffic_server process is the transaction processing engine of Traffic Server.  It is responsible for accepting connections, processing protocol requests, and  serving documents from the cache or origin server. - The traffic_manager process is the command and control facility of the Traffic Server,  responsible for launching, monitoring, and reconfiguring the traffic_server process.  The traffic_manager process is also responsible for the proxy autoconfiguration port,  the statistics interface, cluster administration, and virtual IP failover.  If the traffic_manager process detects a traffic_server process failure, it instantly  restarts the process but also maintains a connection queue of all incoming requests.  All incoming connections that arrive in the several seconds before full server restart  are saved in the connection queue and processed in first-come, first-served order.  This connection queueing shields users from any server restart downtime. - The traffic_cop process monitors the health of both the traffic_server and traffic_manager processes.  The traffic_cop process periodically (several times each minute) queries the traffic_server and  traffic_manager process by issuing heartbeat requests to fetch synthetic web pages.  In the event of failure (if no response is received within a timeout interval or if an incorrect response is received) Â, traffic_cop restarts the traffic_manager and traffic_server processes. -- Marcos LuÃs OrtÃz Valmaseda Software Engineer (UCI) http://marcosluis2186.posterous.com http://twitter.com/marcosluis2186 |
-- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux