[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

[Freeipa-devel] [PATCH] 752 fix SELinux AVCs



Fix SELinux errors caused by enabling TLS on dogtag 389-ds instance.

This fixes 2 AVCS:

* One because we are enabling port 7390 because an SSL port must be
  defined to use TLS On 7389.
* We were symlinking to the main IPA 389-ds NSS certificate databsae.
  Instead generate a separate NSS database and certificate and have
  certmonger track it separately

I also noticed some variable inconsistency in cainstance.py. Everywhere else we use self.fqdn and that was using self.host_name. I found it confusing so I fixed it.

ticket 1085

Attachment: freeipa-rcrit-752-selinux.patch
Description: application/mbox


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]