I’m running concourse on centos7, I’ve setup the web and worker on separate vm’s
For the most part I have all the configuration documented for the two configurations (firewalld, systemd, kernel-ml etc) but I’ve had to except to turning off SELinux to get the worker to function. (with it enabled the service will run and load etc but I will get an error trying to fork /usr/bin/tar or a runc error getting the final child’s pid)
example of the tar error
example go error
So I wanted to ask the community if you are running concourse with SELinux would you be willing to help me understand how you wrote the policy to allow them to play nicely ? as I’m not seeing anything being denied in the audit log and I’m no expert with SELinux.
I would appreciate anyone help on the matter.