From b152659d8df79dcd209af09ab865cedb50977d63 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?C=C3=A9dric=20Jeanneret?= Date: Thu, 21 Mar 2019 07:33:37 +0100 Subject: [PATCH] We have to allow httpd to listen on those ports in some cases. Apparently, at least 8787 has a selinux type already, preventing httpd to listen on it. Change-Id: I03eacda0d8eaaa76915d8382bc21e8aa15c88265 Closes-Bug: #1821025 --- deployment/image-serve/image-serve-baremetal-ansible.yaml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/deployment/image-serve/image-serve-baremetal-ansible.yaml b/deployment/image-serve/image-serve-baremetal-ansible.yaml index 3dc4884b1f..0675499ff6 100644 --- a/deployment/image-serve/image-serve-baremetal-ansible.yaml +++ b/deployment/image-serve/image-serve-baremetal-ansible.yaml @@ -51,6 +51,14 @@ outputs: - 13787 step_config: '' host_prep_tasks: + - name: authorize httpd to listen on registry ports + seport: + ports: + - '8787' + - '13787' + proto: tcp + setype: http_port_t + state: present - name: Install, Configure and Run Apache to serve container images block: - set_fact: