[Freeipa-devel] [PATCH] 1078 own ca_serialno
Petr Viktorin
pviktori at redhat.com
Thu Dec 13 12:12:21 UTC 2012
On 12/13/2012 06:01 AM, Rob Crittenden wrote:
> We don't currently include the ca_serialno file in our spec file. This
> can generate an SELinux warning upon fresh install because we try to set
> context on a non-existent file.
>
> This creates an empty file on rpm install so the file can be owned by
> the spec.
>
> I also updated the selfsign serial number code to deal with an existing
> but empty file.
>
> rob
>
I couldn't reproduce the error, but I noticed you've left out the
percent sign in %attr:
> --- a/freeipa.spec.in
> +++ b/freeipa.spec.in
[...]
> @@ -660,6 +662,7 @@ fi
> %attr(755,root,root) %{plugin_dir}/libipa_cldap.so
> %attr(755,root,root) %{plugin_dir}/libipa_range_check.so
> %dir %{_localstatedir}/lib/ipa
> +attr(600,root,root) %config(noreplace) %{_localstatedir}/lib/ipa/ca_serialno
RPM build errors:
File must begin with "/": attr(600,root,root)
--
Petr³
More information about the Freeipa-devel
mailing list