Subgit SELinux issue
Matthew Saltzman
mjs at clemson.edu
Tue Sep 22 17:50:37 UTC 2015
Subgit (www.subgit.com) is a system for reflecting Subversion
repository changes to a Git mirror or vice versa. In the former case,
it uses a pre-commit script to spawn a Java daemon that monitors and
mirrors the updates.
When run in enforcing mode, the daemon fails to start and the commit
fails when the spawn attempt times out. No error appears in the audit
log.
When run in permissive mode, the spawn succeeds d the commit works. The
program that is supposed to spawn the daemon has context
system_u:object_r:httpd_sys_script_exec_t:s0
The directory where the PID file is supposed to write its lock file is
The error reported by Subgit on failure is:
Failed to launch background translation process: timeout waiting
for pid file '/var/www/svn/FlopC++/subgit/daemon.pid
(FlopC++ is the repository name).
What policy change do I need to implement to make this work in
enforcing mode? Or how can I debug the process and what information
should I bring to the list for help?
Thanks in advance.
--
Matthew Saltzman
Clemson University Math Sciences
mjs AT clemson DOT edu
More information about the selinux
mailing list