https://bugzilla.redhat.com/show_bug.cgi?id=1121601
--- Comment #37 from Jason Tibbitts <ti...@math.uh.edu> --- We could pretty easily mess with the packaging of that perl module if any of this makes a difference. It appears that it's used only by publican (our docbook publication system) so we'd have to talk to them. Maybe someone just needs to fork the module. And selinux would definitely keep the webserver from writing to an unlabeled location under /var (or anywhere else; the web server is rather strictly confined). Now, when I look in the current F21 policy, I see the following rt-related labels: /var/cache/rt(3|4)(/.*)? all files system_u:object_r:httpd_cache_t:s0 /var/lib/rt(3|4)/data/RT-Shredder(/.*)? all files system_u:object_r:httpd_var_lib_t:s0 Which makes it pretty obvious where the problems lie. Since we're using "rt" and not "rt4" for these directories, none of this matches, and even if it were fixed, the labeling for /var/lib/rt would be a bit too restrictive, I think. The selinux folks are very happy to tweak policy and they usually do it rather quickly. If we could just get a list of everywhere rt is expected to write, it would be pretty easy to get them to patch things up. Alex, would you happen to know that off the top of your head? -- You are receiving this mail because: You are on the CC list for the bug. You are always notified about changes to this product and component _______________________________________________ package-review mailing list package-review@lists.fedoraproject.org https://admin.fedoraproject.org/mailman/listinfo/package-review
