Puppet Server 0.2.0 and SELinux

[Trevor Vaughan]

Well, I've given 0.2.0 a run and, while it seems to function properly, it's throwing AVCs all over the place.

Any ETA for a working policy set?

Also, it's not quite 100% matching the 3.6 language set but I'll have to play with that some more to see what's going on.

Thanks,

Trevor

--
Trevor Vaughan
Vice President, Onyx Point, Inc
(410) 541-6699
tvau...@onyxpoint.com

-- This account not approved for unencrypted proprietary information --

[Chris Price]

On Mon, Sep 29, 2014 at 12:00 PM, Trevor Vaughan <tvau...@onyxpoint.com> wrote:

Well, I've given 0.2.0 a run and, while it seems to function properly, it's throwing AVCs all over the place.

Any ETA for a working policy set?

Also, it's not quite 100% matching the 3.6 language set but I'll have to play with that some more to see what's going on.

Thanks,

Trevor

What policy set do you use for the Apache/Passenger master?  And are there specific violations you're seeing that don't happen under Apache?  I think we should mostly be reading/writing to the same exact set of directories that the Apache/Passenger setup uses.

[Trevor Vaughan]

Ugh, it would probably work better if I actually looked at my notes prior to sending a message instead of trying to go from memory.

SELinux is fine.

Sorry for the false alarm.

I did have the server crash at some point and I'm trying to figure out why that happened.

Thanks,

Trevor

--
You received this message because you are subscribed to the Google Groups "Puppet Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-dev+...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/CAMx1Qf%2BGAoq_1UxxGhw%3D9kyk0ziFcLHCFOOgLdvhnRCba0Budg%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

[Chris Price]

On Mon, Sep 29, 2014 at 12:44 PM, Trevor Vaughan <tvau...@onyxpoint.com> wrote:

Ugh, it would probably work better if I actually looked at my notes prior to sending a message instead of trying to go from memory.

SELinux is fine.

Sorry for the false alarm.

I did have the server crash at some point and I'm trying to figure out why that happened.

Maybe check your memory settings?  We currently ship with a pretty large default heap size, and we don't handle it very gracefully if you don't have enough RAM.

[Chris Price]

On Mon, Sep 29, 2014 at 2:26 PM, Chris Price <ch...@puppetlabs.com> wrote:

On Mon, Sep 29, 2014 at 12:44 PM, Trevor Vaughan <tvau...@onyxpoint.com> wrote:

Maybe check your memory settings?  We currently ship with a pretty large default heap size, and we don't handle it very gracefully if you don't have enough RAM.

p.s., see:
https://tickets.puppetlabs.com/browse/SERVER-4
 

and

https://github.com/puppetlabs/puppet-server/blob/master/documentation/install_from_packages.markdown#system-requirements

[Trevor Vaughan]

I did check that. I've only got 64GB on this system so it might be a bit tight ;-).

The logs didn't turn up anything suspicious but I did find that a kill -HUP took down the process. I'll keep letting it run and see what happens.

Thanks,

Trevor

--

You received this message because you are subscribed to the Google Groups "Puppet Developers" group.
To unsubscribe from this group and stop receiving emails from it, send an email to puppet-dev+...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/puppet-dev/CAMx1Qf%2BLpigh%3DDfGMjyQO46h0zZXqavq601%2BGAPvDmCPN-D69w%40mail.gmail.com.

For more options, visit https://groups.google.com/d/optout.