-
Bug
-
Resolution: Unresolved
-
Major
-
None
-
6.0.4.GA
-
None
-
False
-
None
-
False
-
-
After .postinstall.selinux, version.sh no longer has any output. It faces selinux denials like below (quickcluster being the current user running it in this example):
Nov 12 15:08:24 node-0 setroubleshoot[8966]: SELinux is preventing /usr/bin/bash from search access on the directory quickcluster.#012#012***** Plugin catchall (100. confidence) suggests **************************#012#012If you believe that bash should be allowed search access on the quickcluster directory by default.#012Then you should report this as a bug.#012You can generate a local policy module to allow this access.#012Do#012allow this access for now by executing:#012# ausearch -c 'version.sh' --raw | audit2allow -M my-versionsh#012# semodule -X 300 -i my-versionsh.pp#012
The output is still received if if you pipe it to tail:
./version.sh | tail Server version: Apache Tomcat/10.1.8 Server built: Apr 14 2023 19:40:29 UTC Server number: 10.1.8 OS Name: Linux OS Version: 4.18.0-553.27.1.el8_10.x86_64 Architecture: amd64 JVM Version: 11.0.25+9-LTS JVM Vendor: Red Hat, Inc.
Even after the above custom local policy, there are no apparent denials, but the version is still not seen in the terminal.
