[Freeipa-devel] [PATCH] 261 Many SELinux fixes
Rob Crittenden
rcritten at redhat.com
Fri Aug 28 22:06:28 UTC 2009
The ldapi code I committed yesterday didn't work with SELinux enabled.
This patch addresses that.
On Python 2.5+ systems the mgmt framework didn't work with SELinux
enabled because of the ctypes module. It does all sorts of crazy stuff
which makes SELinux absolutely freak out (it tries to execute things in
/tmp, for example). This is used by uuid but we have our own local copy
any because this isn't included in Python 2.4. ctypes is optional anyway
so just disable it.
Finally have to disable the SELinux rules for dogtag CRL file
publishing. The module would blow up if you don't have dogtag installed.
Need to find another way. Disabling for now so the server can once again
work in enforcing mode.
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-261-selinux.patch
Type: application/mbox
Size: 4217 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090828/f5a9143c/attachment.mbox>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3245 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090828/f5a9143c/attachment.bin>
More information about the Freeipa-devel
mailing list