Wifi connection issues with Intel?

Richard Shaw hobbes1069 at gmail.com
Mon Jun 16 17:35:29 UTC 2014 

On Mon, Jun 16, 2014 at 12:19 PM, Daniel J Walsh <dwalsh at redhat.com> wrote:

>
> On 06/12/2014 10:14 AM, Richard Shaw wrote:
>
>  On Thu, Jun 12, 2014 at 6:56 AM, Daniel J Walsh <dwalsh at redhat.com>
> wrote:
>
>>     The full unifi software is java with a mongodb database backend and
>> works fine. I have a RPM I created, the only problem I haven't been able to
>> fix is the selinux issues, one for the private mongodb instance, and then
>> the ports it binds to.
>>
>>  Please open a bugzilla for the SELinux issues.
>>
>
>  Before I open a BZ, here's what I have in my spec file which from what I
> understand should be persistent...
>
>  %posttrans
> /usr/sbin/semanage fcontext -e /var/lib/mongod "/var/lib/unifi/logs(/.*)?"
> /usr/sbin/semanage fcontext -e /var/lib/mongod "/var/lib/unifi/data(/.*)?"
> /usr/sbin/semanage port -m -t mongod_port_t 27117
>
>  Or should this be handled in a policy?
>
>  Thanks,
> Richard
>
>
>  I think your post install should look like.
>
> /usr/sbin/semanage fcontext -e /var/log/mongod "/var/lib/unifi/logs"
> /usr/sbin/semanage fcontext -e /var/lib/mongod "/var/lib/unifi/data"
> /usr/sbin/semanage port -m -t mongod_port_t 27117
>
> Don't use the regex. Also I would figure the logs should be labeled
> mongod_log_t rather then mongod_lib_t.
>

What is the concern with regex? It is specific to packaging? Most of the
examples I found online used that method... As far as the label, since
everything is getting dumped in /var/lib I figured that would be OK.


If this is a standard location for this code, we should put it into the
> base package.
>

There is not a standard install location, the install will "work" as long
as everything stays in the same relative location (the unifi directory).
Since it writes a lot of stuff I figured /var was the best (only?) real
option.

Following the example of a draft wiki I can't find anymore I had modified
the scripts to this instead of using %posttrans:
%post
semanage fcontext -a -t mongod_var_lib_t \
    "%{_sharedstatedir}/unifi/logs(/.*)?" 2>/dev/null || :
semanage fcontext -a -t mongod_var_lib_t \
    "%{_sharedstatedir}/unifi/data(/.*)?" 2>/dev/null || :
restorecon -R %{_sharedstatedir}/unifi/logs || :
restorecon -R %{_sharedstatedir}/unifi/data || :
semanage port -m -t mongod_port_t 27117 || :

%postun
if [ $1 -eq 0 ] ; then  # final removal
semanage fcontext -d -t mongod_var_lib_t \
    "%{_sharedstatedir}/unifi/logs(/.*)?" 2>/dev/null || :
semanage fcontext -d -t mongod_var_lib_t \
    "%{_sharedstatedir}/unifi/data(/.*)?" 2>/dev/null || :
fi

Thanks,
Richard
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/users/attachments/20140616/966c7e2a/attachment.html>

More information about the users mailing list