Open maany opened 5 years ago
@maarten-litmaath @ejr004 should be an automated step or should we insist a site admin to manually disable selinux?
Hi all,
should be an automated step or should we insist a site admin to manually disable selinux?
Disabling SELinux must not be a long-term approach! It exists for good reasons...
Changing to get_selinux_status and raise an exception.
puppet module install puppet-selinux --version 2.0.0 required
@ejr004 Can you create a PR. Also, we will have to update the metadata.json for the puppet module. https://github.com/WLCG-Lightweight-Sites/simple_grid_puppet_module/blob/master/metadata.json (dependencies section)
This is still open for discussion. Pushing to 1.1
SELinux prevents containers from attaching to overlay networks. Could use the puppet module below in pre_deploy stage: https://forge.puppet.com/puppet/selinux And then issue a reboot before deploy stage.