[Pki-devel] [PATCH] 66 - selinux changes for pki_tomcat_cert_t

[Ade Lee]

Added some missing selinux rules found during ipa installation, as well
as a new type pki_tomcat_cert_t for the NSS certificate databases.

Added an selinux interface and permissions for certmonger to read and
write to those files.

Also added the pkispawn and pkidestroy logic to label files for
non-default instances.

I have pushed to master so that IPA can test the changes from the
nightly build, and so that mgrepl can get the latest policy to do a test
scratch build in the morning.  But please review notwithstanding.

Ade

-------------- next part --------------
A non-text attachment was scrubbed...
Name: pki-vakwetu-0066-Added-pki_tomcat_cert_t-type-and-interface-to-access.patch
Type: text/x-patch
Size: 8317 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/pki-devel/attachments/20121010/0208122a/attachment.bin>