Testing needed (mongodb)
Daniel J Walsh
dwalsh at redhat.com
Tue Jan 17 20:41:55 UTC 2012
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 01/17/2012 02:12 PM, Jon VanAlten wrote:
>
>
> ----- Original Message -----
>> From: "Nathaniel McCallum" <nathaniel at natemccallum.com> To:
>> "Development discussions related to Fedora"
>> <devel at lists.fedoraproject.org> Sent: Tuesday, January 17, 2012
>> 1:24:25 PM Subject: Testing needed (mongodb)
>>
>> I've built packages of MongoDB 2.0.2 for f15, f16 and f17. This
>> should be a drop in replacement for your 1.8.x server. See
>> http://www.mongodb.org/display/DOCS/2.0+Release+Notes#2.0ReleaseNotes-Upgradingfor
>>
>>
further details.
>>
>> However, I had to rewrite the patch providing js 1.8.5 support.
>> So I'd like some hands on testing before I push out this update.
>>
>> The builds should appear shortly in updates-testing and you can
>> provide here:
>> https://admin.fedoraproject.org/updates/mongodb-2.0.2-5.fc15
>> https://admin.fedoraproject.org/updates/mongodb-2.0.2-5.fc16
>>
>> Thanks!
>>
>> Nathaniel
>>
>> -- devel mailing list devel at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/devel
>
> Hi,
>
> Am using the java driver not javascript so I can't really comment
> to your rewritten patch, but I can say that the F15 packages seem
> to be functioning fine as dropin replacement. There is, however, a
> new SELinux alert (pasted below). I don't see anything terrible in
> /var/log/mongodb/mongodb.log and this alert doesn't seem to affect
> functionality.
>
> cheers, jon
>
> SELinux is preventing /usr/bin/mongod from getattr access on the
> file /proc/sys/vm/zone_reclaim_mode.
>
> ***** Plugin catchall (100. confidence) suggests
> ***************************
>
> If you believe that mongod should be allowed getattr access on the
> zone_reclaim_mode file by default. Then you should report this as a
> bug. You can generate a local policy module to allow this access.
> Do allow this access for now by executing: # grep mongod
> /var/log/audit/audit.log | audit2allow -M mypol # semodule -i
> mypol.pp
>
> Additional Information: Source Context
> system_u:system_r:mongod_t:s0 Target Context
> system_u:object_r:sysctl_vm_t:s0 Target Objects
> /proc/sys/vm/zone_reclaim_mode [ file ] Source
> mongod Source Path /usr/bin/mongod Port
> <Unknown> Host <HOST> Source RPM Packages
> mongodb-server-2.0.2-5.fc15 Target RPM Packages Policy RPM
> selinux-policy-3.9.16-48.fc15 Selinux Enabled True
> Policy Type targeted Enforcing Mode
> Enforcing Host Name toxin Platform
> Linux <HOST> 2.6.41.4-1.fc15.x86_64 #1 SMP Tue Nov 29 11:53:48 UTC
> 2011 x86_64 x86_64 Alert Count 3 First Seen
> Tue 17 Jan 2012 02:00:14 PM EST Last Seen Tue
> 17 Jan 2012 02:02:46 PM EST Local ID
> bc6ed9f8-5013-4aff-8b7d-c45c3add2e04
>
> Raw Audit Messages type=AVC msg=audit(1326826966.315:388): avc:
> denied { getattr } for pid=28298 comm="mongod"
> path="/proc/sys/vm/zone_reclaim_mode" dev=proc ino=515586
> scontext=system_u:system_r:mongod_t:s0
> tcontext=system_u:object_r:sysctl_vm_t:s0 tclass=file
I have no problem adding this access.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/
iEYEARECAAYFAk8V3RIACgkQrlYvE4MpobPT1gCgye893V1cMrUPA58ta0Gmt4sW
i2AAoKPU29J9def7CYVTsRXTJRQ8m7aK
=VS7p
-----END PGP SIGNATURE-----
More information about the devel
mailing list