[Bugs] [Bug 1158622] SELinux denial when mounting glusterfs nfs volume when using base-port option

bugzilla at redhat.com bugzilla at redhat.com
Tue Nov 4 12:25:44 UTC 2014


https://bugzilla.redhat.com/show_bug.cgi?id=1158622

Niels de Vos <ndevos at redhat.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |jbrooks at redhat.com,
                   |                            |ndevos at redhat.com
              Flags|                            |needinfo?(jbrooks at redhat.co
                   |                            |m)



--- Comment #1 from Niels de Vos <ndevos at redhat.com> ---
I highly recommend to not mount a Gluster volume over NFS on a Gluster Server.
You can only use NFS on a Gluster Server if you disable the locking. This
obviously is quite risky as it can cause data corruption.

If this really is what you want to do, we can figure out which ports the
selinux-policy allows for the Gluster processes. But, I doubt that the standard
policy should get adjusted to allow any port that can be set by using the
base-port option. This likely is something for which you need to modify/extend
the policy locally. (I'm not sure why "setsebool -P nis_enabled 1" would make a
difference.)

Please let me know how you want to continue with this, and what your
expectations are. Thanks!

-- 
You are receiving this mail because:
You are on the CC list for the bug.
You are the assignee for the bug.


More information about the Bugs mailing list