[Freeipa-devel] [PATCH] 752 fix SELinux AVCs
Rob Crittenden
rcritten at redhat.com
Mon Mar 14 20:33:47 UTC 2011
Fix SELinux errors caused by enabling TLS on dogtag 389-ds instance.
This fixes 2 AVCS:
* One because we are enabling port 7390 because an SSL port must be
defined to use TLS On 7389.
* We were symlinking to the main IPA 389-ds NSS certificate databsae.
Instead generate a separate NSS database and certificate and have
certmonger track it separately
I also noticed some variable inconsistency in cainstance.py. Everywhere
else we use self.fqdn and that was using self.host_name. I found it
confusing so I fixed it.
ticket 1085
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-752-selinux.patch
Type: application/mbox
Size: 18896 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110314/cb655291/attachment.mbox>
More information about the Freeipa-devel
mailing list