Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix SELinux and add feature::api::bind_port support #772

Merged
merged 7 commits into from
Aug 1, 2024
Merged

Fix SELinux and add feature::api::bind_port support #772

merged 7 commits into from
Aug 1, 2024

Conversation

lbetz
Copy link
Contributor

@lbetz lbetz commented Jun 28, 2024

Add support of SELinux. That mean the required policy package is installed if a selinux_package_name in globals is set and facts.os.selinux.enabled=true.

@lbetz lbetz force-pushed the feature/selinux branch from 186e6a1 to 0d4a5af Compare June 28, 2024 14:50
@bastelfreak
Copy link
Member

I removed the enhancement label. Our changelog generator puts PRs in categories based on labels. And it gets confused when it has to put a PR into two categories.

@lbetz lbetz force-pushed the feature/selinux branch from 0d4a5af to 860c410 Compare June 28, 2024 15:44
@lbetz lbetz force-pushed the feature/selinux branch from 860c410 to 4a9b446 Compare June 28, 2024 15:47
@lbetz lbetz added this to the v6.0.0 milestone Jun 28, 2024
@lbetz lbetz force-pushed the feature/selinux branch from fdfd77d to e1461ad Compare June 28, 2024 16:27
@SimonHoenscheid
Copy link
Member

I would prefer if we keep the "manage_selinux" switch, so the user has to make a decision and it reduces the impact of the change.

What happens if the user runs icinga2 on a different port, with a diffent user etc.?

@lbetz lbetz force-pushed the feature/selinux branch from f4126d1 to 8ede571 Compare July 1, 2024 09:58
@lbetz lbetz force-pushed the feature/selinux branch from 8ede571 to bcb95be Compare July 1, 2024 10:01
@SimonHoenscheid
Copy link
Member

Is there a reason to default manage_SELinux to true?

SimonHoenscheid
SimonHoenscheid requested changes Jul 7, 2024
View reviewed changes
manifests/init.pp Outdated Show resolved Hide resolved
@SimonHoenscheid SimonHoenscheid self-requested a review July 15, 2024 09:26
@SimonHoenscheid SimonHoenscheid marked this pull request as draft July 15, 2024 10:40
@SimonHoenscheid
Copy link
Member

@lbetz pointed out in a private chat, this is still a draft.

@lbetz lbetz force-pushed the feature/selinux branch from 6503876 to 519fed3 Compare July 25, 2024 13:34
@lbetz lbetz force-pushed the feature/selinux branch from 519fed3 to 4538a79 Compare July 25, 2024 13:36
@lbetz lbetz added the bug label Jul 25, 2024
@lbetz
Copy link
Contributor Author

lbetz commented Jul 25, 2024

Now this PR only fixes problems with selinux on some file permissions and add support to change the bind_port of class icinga2::feature::api.

@lbetz lbetz added enhancement and removed bug labels Jul 25, 2024
@lbetz lbetz changed the title Add SELinux support Fix SELinux and add feature::api::bind_port support Jul 25, 2024
@lbetz lbetz marked this pull request as ready for review July 25, 2024 13:48
@lbetz lbetz merged commit 6758ec5 into voxpupuli:main Aug 1, 2024
4 checks passed
@lbetz lbetz deleted the feature/selinux branch August 1, 2024 03:49
@shoddyguard shoddyguard mentioned this pull request Nov 7, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@SimonHoenscheid SimonHoenscheid SimonHoenscheid approved these changes

@bastelfreak bastelfreak Awaiting requested review from bastelfreak

Assignees
No one assigned
Labels
enhancement
Projects
None yet
Milestone
v6.0.0
Development

Successfully merging this pull request may close these issues.
3 participants
@lbetz @bastelfreak @SimonHoenscheid