Thanks for reopening this thread @cole.
Since the solution posted on github and stackoverflow is just a workaround, there are two main goals to getting a permanent solution:
-
Get RStudio Server working out of the box with SELinux.
- The source of the problem is that RStudio Server is packaged with binaries in a library directory
usr/lib. - This results in binaries having the SELinux type
lib_tinstead ofbin_t. Not following Filesystem Hierarchy Standards is the cause of the SELinux errors. - The solution might be as simple as to install the binaries found in
/usr/lib/rustudio-server/bininto/usr/binor/usr/sbinor/usr/libexecas needed.
- The source of the problem is that RStudio Server is packaged with binaries in a library directory
-
Create a targeted SELinux policy for RStudio Server.
- This requires understanding the functionality of RStudio Server.
- Resources on SELinux:
- Reference policy and wiki Home · SELinuxProject/refpolicy Wiki · GitHub
- IRC channel #selinux
I'll try to answer your questions though I'm no expert on SELinux. Much of what I've learned around this issue (including the workaround posted) is thanks to #selinux user "grift" who has been exceptionally helpful, available, and patient.
Yes.
Perhaps looking through the existing policies for many software will give an idea: GitHub - fedora-selinux/selinux-policy-contrib: Fedora Policy Contributions
From grift at #selinux IRC:
they could but they aren't, although most distributions base their policy on a common base policy called reference policy