[Freeipa-devel] [PATCH] 981 set httpd_manage_ipa
Rob Crittenden
rcritten at redhat.com
Mon Mar 12 19:18:29 UTC 2012
Alexander Bokovoy wrote:
> On Mon, 12 Mar 2012, Rob Crittenden wrote:
>> Alexander Bokovoy wrote:
>>> On Wed, 07 Mar 2012, Rob Crittenden wrote:
>>>
>>>> Set SELinux boolean httpd_manage_ipa so ipa_memcached will work in
>>>> enforcing mode.
>>>>
>>>> This is being done in the HTTP instance so we can set both booleans
>>>> in one step and save a bit of time (it is still slow).
>>> I would prefer all platform-specific manipulations of security
>>> policies to be moved to platform-specific module.
>>>
>>> Make a HTTP class there (like I did dirsrv class in systemd
>>> backend) and perform manipulations on service enable.
>>>
>>> This way main code will stay clear of platform-specific code.
>>>
>>> Sorry for not looking into the issue before.
>>>
>>
>> I'd prefer to keep the change simple for now and do the big move post 2.2.
> ACK on condition you'd file a ticket for the post 2.2 work.
>
> :)
Filed this https://fedorahosted.org/freeipa/ticket/2519
I found an issue with this patch that I need to address, will submit a
replacement.
rob
More information about the Freeipa-devel
mailing list