Closed eb4x closed 1 year ago
evgeni
commented
1 year ago In the past, adding Requires: something-selinux was frowned upon, as it would pull in SELinux stuff on systems that do not use SELinux. However, in the meantime we have rich dependencies and the guidelines say:
Requires: (%{name}-selinux if selinux-policy-%{selinuxtype})So I guess, it's fine to fix in packaging?
ekohl
commented
1 year ago I've opened https://github.com/theforeman/foreman-packaging/pull/9924 for that.
eb4x
commented
1 year ago I've opened theforeman/foreman-packaging#9924 for that.
So it'll automagically get installed when katello is installed, and we don't need this right?
Does the same already apply to foreman, and could we strip out the foreman-selinux there aswell? https://github.com/theforeman/puppet-foreman/blob/master/manifests/install.pp#L7-L11
eb4x
commented
1 year ago Nm, I see PR adds to both foreman and katello. I must have missed it the first time around :face_with_head_bandage:
ekohl
commented
1 year ago So it'll automagically get installed when katello is installed, and we don't need this right?
I just checked and it's now an RPM dependency:
# dnf install https://yum.theforeman.org/releases/nightly/el8/x86_64/foreman-release.rpm https://yum.theforeman.org/katello/nightly/katello/el8/x86_64/katello-repos-latest.rpm
# dnf repoquery --quiet --whatrequires katello-selinux
rubygem-katello-0:4.11.0-0.4.pre.master.20231114212517git9b51612.el8.noarchSo I'm closing this now. Thanks for bringing this to our attention.
Similar to theforeman/puppet-foreman#79
katello-selinux allows foreman_rails_t to connect to candlepin_activemq_port_t