[Freeipa-devel] [PATCH] Handle selinux failure
Karl MacMillan
kmacmill at redhat.com
Wed Oct 24 14:10:38 UTC 2007
# HG changeset patch
# User "Karl MacMillan <kmacmill at redhat.com>"
# Date 1193235029 14400
# Node ID 9ff6cec98d764acbaefe915e0da63d29cd72cea1
# Parent d474654ca48ff4d36dffca6a94ac88ed0e441586
Handle selinux failure
Ignore errors if setsebool fails and print a warning.
diff -r d474654ca48f -r 9ff6cec98d76 ipa-server/ipa-install/ipa-server-install
--- a/ipa-server/ipa-install/ipa-server-install Wed Oct 24 10:04:43 2007 -0400
+++ b/ipa-server/ipa-install/ipa-server-install Wed Oct 24 10:10:29 2007 -0400
@@ -554,7 +554,16 @@ def main():
if selinux:
# Allow apache to connect to the turbogears web gui
- run(["/usr/sbin/setsebool", "-P", "httpd_can_network_connect", "true"])
+ # This can still fail even if selinux is enabled
+ try:
+ run(["/usr/sbin/setsebool", "-P", "httpd_can_network_connect", "true"])
+ except:
+ print "WARNING: could not set selinux boolean httpd_can_network_connect to true."
+ print "The web interface may not function correctly until this boolean is"
+ print "successfully change with the command:"
+ print " /usr/sbin/setsebool -P httpd_can_network_connect true"
+ print "Try updating the policycoreutils and selinux-policy packages."
+ pass
# Start the web gui
run(["/sbin/service", "ipa-webgui", "start"])
More information about the Freeipa-devel
mailing list