[Freeipa-devel] [PATCH] 752 fix SELinux AVCs
Pavel Zuna
pzuna at redhat.com
Tue Mar 15 18:06:15 UTC 2011
On 03/14/2011 09:33 PM, Rob Crittenden wrote:
> Fix SELinux errors caused by enabling TLS on dogtag 389-ds instance.
>
> This fixes 2 AVCS:
>
> * One because we are enabling port 7390 because an SSL port must be
> defined to use TLS On 7389.
> * We were symlinking to the main IPA 389-ds NSS certificate databsae.
> Instead generate a separate NSS database and certificate and have
> certmonger track it separately
>
> I also noticed some variable inconsistency in cainstance.py. Everywhere
> else we use self.fqdn and that was using self.host_name. I found it
> confusing so I fixed it.
>
> ticket 1085
>
ACK!!
Pavel
More information about the Freeipa-devel
mailing list