
<html>

  <head>

    <meta content="text/html; charset=UTF-8" http-equiv="Content-Type">

  </head>

  <body bgcolor="#FFFFFF" text="#000000">

    <br>

    <div class="moz-cite-prefix">On 06/12/2014 10:14 AM, Richard Shaw

      wrote:<br>

    </div>

    <blockquote

cite="mid:CAN3TeO01=Gfyng9-3Xt32593zoEa0Ad516PMZm1k4=JSHkXzww@mail.gmail.com"

      type="cite">

      <div dir="ltr">

        <div class="gmail_extra">

          <div class="gmail_quote">On Thu, Jun 12, 2014 at 6:56 AM,

            Daniel J Walsh <span dir="ltr">&lt;<a

                moz-do-not-send="true" href="mailto:dwalsh@redhat.com"

                target="_blank">dwalsh@redhat.com</a>&gt;</span> wrote:<br>

            <blockquote class="gmail_quote" style="margin:0px 0px 0px

0.8ex;border-left-width:1px;border-left-color:rgb(204,204,204);border-left-style:solid;padding-left:1ex">

              <div bgcolor="#FFFFFF" text="#000000">

                <div>

                  <div class="h5">

                    <blockquote type="cite">

                      <div dir="ltr">

                        <div class="gmail_extra">

                          <div class="gmail_quote">

                            <div>The full unifi software is java with a

                              mongodb database backend and works fine. I

                              have a RPM I created, the only problem I

                              haven't been able to fix is the selinux

                              issues, one for the private mongodb

                              instance, and then the ports it binds to. </div>

                          </div>

                        </div>

                      </div>

                    </blockquote>

                  </div>

                </div>

                Please open a bugzilla for the SELinux issues.</div>

            </blockquote>

            <div><br>

            </div>

            <div>Before I open a BZ, here's what I have in my spec file

              which from what I understand should be persistent...</div>

            <div><br>

            </div>

            <div>

              <div>%posttrans</div>

              <div>/usr/sbin/semanage fcontext -e /var/lib/mongod

                "/var/lib/unifi/logs(/.*)?"</div>

              <div>/usr/sbin/semanage fcontext -e /var/lib/mongod

                "/var/lib/unifi/data(/.*)?"</div>

              <div>/usr/sbin/semanage port -m -t mongod_port_t 27117</div>

            </div>

            <div><br>

            </div>

            <div>Or should this be handled in a policy?</div>

            <div><br>

            </div>

            <div>Thanks,</div>

            <div>Richard</div>

          </div>

        </div>

      </div>

      <br>

      <fieldset class="mimeAttachmentHeader"></fieldset>

      <br>

    </blockquote>

    I think your post install should look like.<br>

    <br>

    <div>/usr/sbin/semanage fcontext -e /var/log/mongod

      "/var/lib/unifi/logs"</div>

    <div>/usr/sbin/semanage fcontext -e /var/lib/mongod

      "/var/lib/unifi/data"</div>

    <div>/usr/sbin/semanage port -m -t mongod_port_t 27117</div>

    <br>

    Don't use the regex. Also I would figure the logs should be labeled

    mongod_log_t rather then mongod_lib_t.<br>

    <br>

    If this is a standard location for this code, we should put it into

    the base package.<br>

    <br>

    <br>

  </body>

</html>