[DOCS-628] Add information about selinux contexts to community pages Created: 19/Oct/12  Updated: 22/Oct/12  Resolved: 22/Oct/12

Status: Closed
Project: Documentation
Component/s: None
Affects Version/s: None
Fix Version/s: None

Type: Task Priority: Minor - P4
Reporter: Sam Weaver Assignee: Sam Kleinman (Inactive)
Resolution: Won't Fix Votes: 0
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Participants:
Days since reply: 11 years, 17 weeks, 2 days ago

 Description   

Nowhere on the community site does it mention about running MongoDB with selinux. It does in fact set itself up with the correct selinux contexts when deploying on Fedora through Yum:

[sweaver@localhost Desktop]$ sudo semanage fcontext -l | grep mongo
/etc/rc\.d/init\.d/mongod regular file system_u:object_r:mongod_initrc_exec_t:s0
/usr/bin/mongod regular file system_u:object_r:mongod_exec_t:s0
/usr/share/aeolus-conductor/dbomatic/dbomatic regular file system_u:object_r:mongod_exec_t:s0
/var/lib/mongodb(/.*)? all files system_u:object_r:mongod_var_lib_t:s0
/var/log/mongodb(/.*)? all files system_u:object_r:mongod_log_t:s0
/var/run/aeolus/dbomatic\.pid regular file system_u:object_r:mongod_var_run_t:s0
/var/run/mongodb(/.*)? all files system_u:object_r:mongod_var_run_t:s0

Might be useful to mention this somewhere as I had to actually load Fedora up and check myself that it would run ok in Enforcing mode.



 Comments   
Comment by Sam Kleinman (Inactive) [ 22/Oct/12 ]

Needs confirmation from kernel team and more intentional certification on officially distributed packages.

Generated at Thu Feb 08 07:39:07 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.