Puppetserver fails

[ehelms]

Failure during install and configuration of Puppet:

rule=8 dec=deny_audit perm=open auid=-1 pid=6630 exe=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.382.b05-2.el8.x86_64/jre/bin/java : path=/tmp/jffi5936621269686588285.so ftype=application/x-sharedlib trust=0
rule=8 dec=deny_audit perm=open auid=-1 pid=6630 exe=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.382.b05-2.el8.x86_64/jre/bin/java : path=/tmp/jffi5936621269686588285.so ftype=application/x-sharedlib trust=0
rule=8 dec=deny_audit perm=open auid=-1 pid=6630 exe=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.382.b05-2.el8.x86_64/jre/bin/java : path=/tmp/jffi5936621269686588285.so ftype=application/x-sharedlib trust=0
rule=16 dec=deny_audit perm=open auid=-1 pid=6630 exe=/usr/lib/jvm/java-1.8.0-openjdk-1.8.0.382.b05-2.el8.x86_64/jre/bin/java : path=/tmp/jruby-6630/jruby5926005100837765424psych.jar ftype=application/java-archive trust=0

Options:

1. PrivateTmp=True on the systemd service but that is packaged and not under our control
2. Add rules for tmp just for the Java process (tricky due to the changing name of the Java path)

[ekohl]

PrivateTmp=True on the systemd service but that is packaged and not under our control

puppetlabs/ezbake#623

[evgeni]

theforeman/puppet-puppet#892 is the temporary workaround for this.

[evgeni]

theforeman/puppet-puppet#892 got merged and I could run Foreman, Plugins and Katello pipelines just fine, which contain Puppet, so I am going to close this one as completed.