On 06/15/2011 04:42 PM, Dominick Grift wrote: 

On Wed, 2011-06-15 at 17:09 -0430, Marcos Ortiz wrote:

Regards to all the list
I was wondering if any of you have deployed Traffic Server under SELinux 
´s policies?
If it´s true, Where I can find the work?

I suspect selinux does not "support" that yet. You can determine by
grepping the "Traffic server" process in ps -auxZ. If it is running in
the initrc_t domain then that means that SELinux is currently not aware
of this application.

In that case we can work to make SELinux support this application. If
you want to help us support this application let us know so that we can
make arrangements to get this going.

 

--
selinux mailing list
selinux@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/selinux
Ok, thanks a lot, Dominick.
I think that´s a good start to me.
Well, for anyone that don´t know what is Apache Traffic Server, I let its description from its own official site:

Apache Traffic Server™ is fast, scalable and extensible HTTP/1.1 compliant caching proxy server.
Formerly a commercial product, Yahoo! donated it to the Apache Foundation, and is now an Apache TLP.

TS can be deployed in three modes:
- as a web proxy proxy cache
- as a reverse proxy
- In a cache hierarchy

Everything can be read here for version 2: http://trafficserver.apache.org/docs/v2/admin/intro.htm
and here for version 3 http://trafficserver.apache.org/docs/v3/admin/intro.htm

There are there processes that work together to serve TS request and manage/control/monitor the health of the completed system:
-  The traffic_server process is the transaction processing engine of Traffic Server.
   It is responsible for accepting connections, processing protocol requests, and
   serving documents from the cache or origin server.

- The traffic_manager process is the command and control facility of the Traffic Server,
   responsible for launching, monitoring, and reconfiguring the traffic_server process.
   The traffic_manager process is also responsible for the proxy autoconfiguration port,
   the statistics interface, cluster administration, and virtual IP failover.
   If the traffic_manager process detects a traffic_server process failure, it instantly
   restarts the process but also maintains a connection queue of all incoming requests.
   All incoming connections that arrive in the several seconds before full server restart
   are saved in the connection queue and processed in first-come, first-served order.
   This connection queueing shields users from any server restart downtime.

- The traffic_cop process monitors the health of both the traffic_server and traffic_manager processes.
  The traffic_cop process periodically (several times each minute) queries the traffic_server and
  traffic_manager process by issuing heartbeat requests to fetch synthetic web pages.
  In the event of failure (if no response is received within a timeout interval or if an incorrect response is received)
 , traffic_cop restarts the traffic_manager and traffic_server processes.


-- 
Marcos Luís Ortíz Valmaseda
 Software Engineer (UCI)
 http://marcosluis2186.posterous.com
 http://twitter.com/marcosluis2186