A bug was filed the other day claiming that it was impossible to
propose bugs as FE or blockers in the blockerbugs app. I have a fix
ready that's already deployed to stg and I'd like to move it into prod.
After some triage today, it turns out that there were selinux denials
on httpd writing to a cookiefile which is required by python-bugzilla
and used as part doing the actual proposal.
The fix is in three places:
- the package was modified to create a directory for the cookiefile
that has appropriate permissions and selinux context so that the
proposal works.
- the code was modified to have a better default cookie location when
the app is in production mode
code changes for these two changes are at:
https://git.fedorahosted.org/cgit/blockerbugs.git/commit/?id=be2a20b9c686...
These changes have been built as blockerbugs-0.3.0.3.1-1.el6 and is
in the infrastructure-testing repo
- the config file in puppet needs to be modified so that it is no
longer overriding the default cookie location
diff --git a/modules/blockerbugs/templates/blockerbugs-settings.py.erb
b/modules/blockerbugs/t index 8c33d6f..5b58b7a 100644
--- a/modules/blockerbugs/templates/blockerbugs-settings.py.erb
+++ b/modules/blockerbugs/templates/blockerbugs-settings.py.erb
@@ -3,7 +3,6 @@ SQLALCHEMY_DATABASE_URI = 'postgresql+psycopg2://<%=
blockerbugs_app %>:<%= bl FAS_ADMIN_GROUP = "qa-admin"
FAS_USER = "<%= blockerbugs_fas_user %>(a)fedoraproject.org"
FAS_PASSWORD = "<%= blockerbugs_fas_password %>"
-BUGZILLA_COOKIE = "" # this should be blank for production
<% if environment == "staging" %>
FAS_HTTPS_REQUIRED = False
FAS_CHECK_CERT = False
Thanks,
Tim