[Pki-devel] [PATCH] 020 - selinux changes for ephemeral ports
Matthew Harmsen
mharmsen at redhat.com
Fri Feb 24 00:07:54 UTC 2012
On 02/23/12 15:43, Matthew Harmsen wrote:
> On 02/23/12 14:59, Ade Lee wrote:
>> Please review.
>>
>>
>> _______________________________________________
>> Pki-devel mailing list
>> Pki-devel at redhat.com
>> https://www.redhat.com/mailman/listinfo/pki-devel
> ACK
>
> * applied patch to freshly pulled repo (Dogtag 10)
This was all performed on a 64-bit Fedora 16 machine.
> * built and installed new 'pki-core' components (specifically
> 'pki-selinux')
> * successfully restarted 'pki-ca' instance
> * successfully enrolled for a certificate
> * sudo audit2allow -R -i /var/log/audit/audit.log
>
> require {
> type pki_kra_t;
> type certwatch_t;
> type pki_ca_t;
> }
>
> #============= certwatch_t ==============
> files_read_var_files(certwatch_t)
>
> #============= pki_ca_t ==============
> fs_getattr_xattr_fs(pki_ca_t)
>
> #============= pki_kra_t ==============
> fs_getattr_xattr_fs(pki_kra_t)
>
> * sudo audit2allow -R -i /var/log/audit/audit.log | grep pki
> type pki_kra_t;
> type pki_ca_t;
> #============= pki_ca_t ==============
> fs_getattr_xattr_fs(pki_ca_t)
> #============= pki_kra_t ==============
> fs_getattr_xattr_fs(pki_kra_t)
>
>
>
> _______________________________________________
> Pki-devel mailing list
> Pki-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/pki-devel
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20120223/df2d5e9d/attachment.htm>
More information about the Pki-devel
mailing list