You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hey folks, when using the microshift plugin, we see some SELinux denials when we use the default folder of /var/tmp, changing the temp dir with --tmp-dir to something like /tmp solves the issue, but I was wondering if we should be shipping a solution to this with our plugin for the default behavior?
Well we definitely don't want to have any plugins generating AVC denials out of the box. The curious thing to me is why we're only seeing this here. We make many calls to ovs-appctl in other plugins (openvswitch, ovn_central, openshift_ovn), and so far we've not had a report of this.
What's the environment this is being run in? Does the openvswitch plugin also get enabled in a microshift environment, and if so are there any other denials being seen with that plugin?
Yeah agreed, I'm currently getting access to the system this is happening in. As you've stated this shouldn't be happening since there's allow rules for this action already in place.
Hey folks, when using the
microshift
plugin, we see some SELinux denials when we use the default folder of/var/tmp
, changing the temp dir with--tmp-dir
to something like/tmp
solves the issue, but I was wondering if we should be shipping a solution to this with our plugin for the default behavior?The text was updated successfully, but these errors were encountered: