Below you will find pages that utilize the taxonomy term “Selinux”
Attempting a podman play on another VM
The podman saga continues. The podman equivalent of a docker-compose.yml can be created from a pod with the following command:
podman generate kube (name of pod) > (filename).yaml
So I did that with the pod that I’d created with an SELinux context. Now it was time to try it on another Fedora 31 VM to see if it would work. To be on the safe side, I started off creating the phpIPAM folder, chowning it to nobody and chmoding it to 777.
SELinux and Podman
Last time I messed around with Podman, I finally got things working and had what I think was a pretty good understanding of how to go forward. But in order to get things working, I’d had to turn off SELinux. Now it was time to see what I had to do to make Podman work with SELinux. I’ve got some ideas based on some Googling and might also need to try a program called udica to create the right contexts.
Fedora Print Debugging Tip
I was having trouble printing and couldn’t figure out what was going on. I tried everything, including reinstalling the printer and reinstalling the driver. I was getting a misleading “you are using the wrong driver” message. Turns out SELinux was to blame! I happened to check dmesg and see some audit messages. Then I did a
setenforce 0
to turn it off and printing worked. I tried some restorecons on some directories, but I don’t think that fixed it. What I think fixed it was going into the policycoreutils gui and checking as active the cups module “Allow cups execmem/execstack.” Obviously, I turned setenforce back on after checking the box.