Hello there,
Do you use Fedora for web development? Do you use Docker? Perhaps you might have an easy solution to my problem.
I have an open bug at https://github.com/cytopia/devilbox/issues/255 I would like to make devilbox work seamlessly out of the box without messing with setenforce. Can you please help me in setting up drupal-compose appropriately so I can do that?
Sincerely,
On 10 May 2018 at 12:29, Kushal kushaldeveloper@gmail.com wrote:
Hello there,
Do you use Fedora for web development? Do you use Docker? Perhaps you might have an easy solution to my problem.
I have an open bug at https://github.com/cytopia/devilbox/issues/255 I would like to make devilbox work seamlessly out of the box without messing with setenforce. Can you please help me in setting up drupal-compose appropriately so I can do that?
You can try sealert -a /var/log/audit/audit.log, this will tell you what
is causing the denies.
Can you share the output of ausearch -m avc -ts recent?
When I am using the services that you are using in Github usually setsebol -P httpd_can_network_connect 1 resolves the SELinux denies.
Thanks, Earl!
Can you share the output of ausearch -m avc -ts recent?
$ sudo ausearch -m avc -ts recent ---- time->Fri May 11 03:35:19 2018 type=AVC msg=audit(1526024119.640:1052): avc: denied { write } for pid=13291 comm="touch" name="php-fpm.access" dev="dm-2" ino=20186094 scontext=system_u:system_r:container_t:s0:c581,c880 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0 ---- time->Fri May 11 03:35:19 2018 type=AVC msg=audit(1526024119.640:1053): avc: denied { write } for pid=13291 comm="touch" name="php-fpm.access" dev="dm-2" ino=20186094 scontext=system_u:system_r:container_t:s0:c581,c880 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0 ---- time->Fri May 11 03:35:34 2018 type=AVC msg=audit(1526024134.654:1074): avc: denied { write } for pid=13564 comm="openssl" name="devilbox-ca.key" dev="dm-2" ino=20186096 scontext=system_u:system_r:container_t:s0:c774,c913 tcontext=system_u:object_r:user_home_t:s0 tclass=file permissive=0
Also here's the full output from the terminal
https://paste.fedoraproject.org/paste/bEpQhW7IZQNBIhJHiXxjKA/raw
Thank you foryour help!
Sincerely,
-
Earl A Ramirez -
Kushal