[Pki-devel] [PATCH] 020 - selinux changes for ephemeral ports
Ade Lee
alee at redhat.com
Fri Feb 24 03:14:37 UTC 2012
pushed to dogtag-10 and dogtag-9
On Thu, 2012-02-23 at 16:07 -0800, Matthew Harmsen wrote:
> On 02/23/12 15:43, Matthew Harmsen wrote:
> > On 02/23/12 14:59, Ade Lee wrote:
> > > Please review.
> > >
> > >
> > > _______________________________________________
> > > Pki-devel mailing list
> > > Pki-devel at redhat.com
> > > https://www.redhat.com/mailman/listinfo/pki-devel
> > ACK
> >
> > * applied patch to freshly pulled repo (Dogtag 10)
> This was all performed on a 64-bit Fedora 16 machine.
> > * built and installed new 'pki-core' components (specifically
> > 'pki-selinux')
> > * successfully restarted 'pki-ca' instance
> > * successfully enrolled for a certificate
> > * sudo audit2allow -R -i /var/log/audit/audit.log
> >
> > require {
> > type pki_kra_t;
> > type certwatch_t;
> > type pki_ca_t;
> > }
> >
> > #============= certwatch_t ==============
> > files_read_var_files(certwatch_t)
> >
> > #============= pki_ca_t ==============
> > fs_getattr_xattr_fs(pki_ca_t)
> >
> > #============= pki_kra_t ==============
> > fs_getattr_xattr_fs(pki_kra_t)
> >
> > * sudo audit2allow -R -i /var/log/audit/audit.log | grep pki
> > type pki_kra_t;
> > type pki_ca_t;
> > #============= pki_ca_t ==============
> > fs_getattr_xattr_fs(pki_ca_t)
> > #============= pki_kra_t ==============
> > fs_getattr_xattr_fs(pki_kra_t)
> >
> >
> >
> > _______________________________________________
> > Pki-devel mailing list
> > Pki-devel at redhat.com
> > https://www.redhat.com/mailman/listinfo/pki-devel
>
More information about the Pki-devel
mailing list