SELinux denials on sysctl_net_t

XMLWordPrintableJSON

    • Type: Bug
    • Resolution: Won't Fix
    • Priority: Major - P3
    • None
    • Affects Version/s: 5.0.8
    • Component/s: None
    • None
    • ALL
    • Hide

      Install and configure MongoDB as documented.

      Start the mongod service.

      Show
      Install and configure MongoDB as documented. Start the mongod service.
    • Security 2022-05-30
    • None
    • 3
    • None
    • None
    • None
    • None
    • None
    • None
    • None

      Hi.

      Even following the latest documentation updates in https://jira.mongodb.org/browse/DOCS-15224, I still don't see the SELinux rules that I added to https://jira.mongodb.org/browse/SERVER-53177 in my comment https://jira.mongodb.org/browse/SERVER-53177?focusedCommentId=3607295&page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#comment-3607295 in the latest documentation (https://www.mongodb.com/docs/manual/tutorial/install-mongodb-on-red-hat/).

       

      We still get denials reported on:
      allow mongod_t sysctl_net_t:dir search;
      allow mongod_t sysctl_net_t:file { getattr read open };

      every time the mongod service is started.

      We are running MongoDB 5.0.8 on Rocky Linux 8.

              Assignee:
              Sergey Galtsev (Inactive)
              Reporter:
              INVADE International Ltd
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

                Created:
                Updated:
                Resolved: