Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Basis for selinux set to disabled #242

Closed
ronlipke opened this issue Nov 24, 2015 · 8 comments · Fixed by #256
Closed

Basis for selinux set to disabled #242

ronlipke opened this issue Nov 24, 2015 · 8 comments · Fixed by #256
Milestone
1.4

Comments

@ronlipke
Copy link

What is the basis for setting selinux to disabled in this cookbook? I see it changed from permissive sometime between version 1.2.0 and 1.3.0.
We have some compliance restrictions that require selinux and was surprised to see it outright disabled here.
Thanks!
@mrmichaeladavis
Copy link

+1

@Ginja Ginja mentioned this issue Nov 30, 2015
Merged
@agperson
Copy link

agperson commented Dec 7, 2015

But why is this cookbook managing SELinux? I'm confused as to why it is in this purview at all.

@mrmichaeladavis
Copy link

I agree with @agperson. As a security professional, having no documentation of this change and adding it to the run list could dramatically impact my security. SELinux should be managed be a separate wrapper cookbook.

@johnbellone
Copy link
Contributor

@mdavis7771 It is a long story, but ultimately it is a relic from an incorrect generation of this cookbook about a year ago. I do not have a problem removing this cookbook touching SELinux at all.

@johnbellone
Copy link
Contributor

I'll accept a PR here if either @mdavis7771 or @agperson is willing to do so. We'll need to increment the minor release.

@johnbellone johnbellone added this to the 1.4 milestone Dec 8, 2015
@mrmichaeladavis
Copy link

@johnbellone, Understood, I'll do a PR later this week.

@Ginja
Copy link
Contributor

Ginja commented Dec 13, 2015

#256 should fulfill this.

@Ginja Ginja mentioned this issue Dec 14, 2015
Merged
johnbellone added a commit that referenced this issue Dec 15, 2015
@johnbellone
Merge pull request #256 from visioncritical/remove-selinux
eedc49d 
Fixes #242 & Reverts #253
@lock
Copy link

lock bot commented Apr 25, 2020

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.

@lock lock bot locked as resolved and limited conversation to collaborators Apr 25, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
1.4
Development

Successfully merging a pull request may close this issue.

Fixes #242 & Reverts #253
5 participants
@agperson @ronlipke @johnbellone @Ginja @mrmichaeladavis