James, audit2why recommended "setsebool -P httpd_can_network_connect_cobbler 1" but even after doing that, starting cobblerd still fails and audit2why </var/log/audit/audit.log shows no new issues. BUT -- What I didn't try (and did just now) is "service httpd restart" as well as "service cobblerd start" which fixed it, so the lesson learned (for me) is the selinux setting change didn't apply until the httpd service was restarted. Probably obvious to those who understand selinux;-) Hey, at least I didn't just disable it;-)
I think I'll leave the bug at bugzilla.redhat.com as this is not a cobbler issue per-se but an FC17 selinux-policy configuration issue, isn't it? Thanks for the help. /a On Tue, Jul 24, 2012 at 12:01 AM, James Cammarata <[email protected]> wrote: > On Mon, Jul 23, 2012 at 10:54 PM, Greg Swift <[email protected]> wrote: > > On Mon, Jul 23, 2012 at 8:53 PM, Alan Crosswell <[email protected]> > wrote: > >> I'm having trouble getting cobbler to start on an up-to-date fc17 > distro. I > >> suspect selinux and/or python version issues. > >> > >> I've submitted this bug: > https://bugzilla.redhat.com/show_bug.cgi?id=842487 > > > > cobbler's bug tracking has moved to github.. > > https://github.com/cobbler/cobbler/issues > > > > I thought someone had talked about running cobbler on f17 lately, but > > all i could find in a cursory search was the people talking about > > installing f17 from cobbler. I haven't gotten my boxes off f16 yet, > > so i'm no help there. > > I saw that bug come up, hadn't had a chance to respond to it. It's > definitely SELinux, blocking python ctypes if I remember correctly. > Setenforce 0 and use audit2allow to generate policy to correct it. > There have been several other bugs (bugzilla and github) that cover > the same topic. > _______________________________________________ > cobbler mailing list > [email protected] > https://fedorahosted.org/mailman/listinfo/cobbler >
_______________________________________________ cobbler mailing list [email protected] https://fedorahosted.org/mailman/listinfo/cobbler
