IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Set the context of files needed by the selfsign CA so Apache can write them

Browse Source
This commit is contained in:
Rob Crittenden
2009-12-16 16:04:06 -05:00
committed by Jason Gerard DeRose
parent 0e4a1b5be5
commit 585540e0a2
2 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
selinux/ipa_httpd/ipa_httpd.fc
View File

@@ -3,3 +3,8 @@
#
/var/cache/ipa/sessions(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
/var/cache/ipa/assets(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
# Make these files writable so the selfsign plugin can operate
/etc/httpd/alias/cert8.db -- gen_context(system_u:object_r:cert_t,s0)
/etc/httpd/alias/key3.db -- gen_context(system_u:object_r:cert_t,s0)
/var/lib/ipa/ca_serialno -- gen_context(system_u:object_r:cert_t,s0)

2
selinux/ipa_httpd/ipa_httpd.te
View File

@@ -1,4 +1,4 @@
module ipa_httpd 1.1;
module ipa_httpd 1.2;
require {
type httpd_t;