IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

adtrust: move SELinux settings to constants

Browse Source 
SELinux is platform dependend, moving boolean setting to platform module.

Reviewed-By: Martin Babinsky <mbabinsk@redhat.com>
This commit is contained in:
Martin Basti
2017-05-18 17:23:54 +02:00
committed by Martin Babinsky
parent 1a6de32c9e
commit 663f227a5c
3 changed files with 7 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
ipaplatform/base/constants.py
View File

@@ -27,6 +27,9 @@ class BaseConstantsNamespace(object):
ODS_GROUP = "ods" ODS_GROUP = "ods"
# nfsd init variable used to enable kerberized NFS # nfsd init variable used to enable kerberized NFS
SECURE_NFS_VAR = "SECURE_NFS" SECURE_NFS_VAR = "SECURE_NFS"
SELINUX_BOOLEAN_ADTRUST = {
'samba_portmapper': 'on',
}
SELINUX_BOOLEAN_HTTPD = { SELINUX_BOOLEAN_HTTPD = {
'httpd_can_network_connect': 'on', 'httpd_can_network_connect': 'on',
'httpd_manage_ipa': 'on', 'httpd_manage_ipa': 'on',

7
ipaserver/install/adtrustinstance.py
View File

@@ -45,6 +45,7 @@ import ipapython.errors
import ipaclient.install.ipachangeconf import ipaclient.install.ipachangeconf
from ipaplatform import services from ipaplatform import services
from ipaplatform.constants import constants
from ipaplatform.paths import paths from ipaplatform.paths import paths
from ipaplatform.tasks import tasks from ipaplatform.tasks import tasks
@@ -60,8 +61,6 @@ configuration was not set up properly. Please run ipa-ldap-updater manually
and re-run ipa-adtrust-instal again afterwards. and re-run ipa-adtrust-instal again afterwards.
""" """
SELINUX_BOOLEAN_SETTINGS = {'samba_portmapper': 'on'}
def check_inst(): def check_inst():
for smbfile in [paths.SMBD, paths.NET]: for smbfile in [paths.SMBD, paths.NET]:
@@ -593,7 +592,7 @@ class ADTRUSTInstance(service.Service):
def __configure_selinux_for_smbd(self): def __configure_selinux_for_smbd(self):
try: try:
tasks.set_selinux_booleans(SELINUX_BOOLEAN_SETTINGS, tasks.set_selinux_booleans(constants.SELINUX_BOOLEAN_ADTRUST,
self.backup_state) self.backup_state)
except ipapython.errors.SetseboolError as e: except ipapython.errors.SetseboolError as e:
self.print_msg(e.format_service_warning('adtrust service')) self.print_msg(e.format_service_warning('adtrust service'))
@@ -880,7 +879,7 @@ class ADTRUSTInstance(service.Service):
# Restore the state of affected selinux booleans # Restore the state of affected selinux booleans
boolean_states = {name: self.restore_state(name) boolean_states = {name: self.restore_state(name)
for name in SELINUX_BOOLEAN_SETTINGS} for name in constants.SELINUX_BOOLEAN_ADTRUST}
try: try:
tasks.set_selinux_booleans(boolean_states) tasks.set_selinux_booleans(boolean_states)
except ipapython.errors.SetseboolError as e: except ipapython.errors.SetseboolError as e:

2
ipaserver/install/ipa_restore.py
View File

@@ -799,7 +799,7 @@ class Restore(admintool.AdminTool):
bools = dict(constants.SELINUX_BOOLEAN_HTTPD) bools = dict(constants.SELINUX_BOOLEAN_HTTPD)
if 'ADTRUST' in self.backup_services: if 'ADTRUST' in self.backup_services:
if adtrustinstance: if adtrustinstance:
bools.update(adtrustinstance.SELINUX_BOOLEAN_SETTINGS) bools.update(constants.SELINUX_BOOLEAN_ADTRUST)
else: else:
self.log.error( self.log.error(
'The AD trust package was not found, ' 'The AD trust package was not found, '