Restore SELinux context for p11-kit config overrides

When 74e09087 started disabling softshm2 module in p11-kit-proxy, we missed to restore SELinux context on the configuration override creation. We don't need an explicit restore_context() when removing the override because restore_file() already calls restore_context(). Related: https://pagure.io/freeipa/issue/7810 Signed-off-by: Alexander Bokovoy <abokovoy@redhat.com> Reviewed-By: Christian Heimes <cheimes@redhat.com> Reviewed-By: Rob Crittenden <rcritten@redhat.com>
2025-02-25 18:55:28 -06:00 · 2019-08-01 10:08:36 +03:00 · 2019-08-01 10:08:36 +03:00 · 8f969a5929
commit 8f969a5929
parent 3c82585e52
1 changed files with 1 additions and 0 deletions
--- a/ipaplatform/redhat/tasks.py
+++ b/ipaplatform/redhat/tasks.py
@ -717,6 +717,7 @@ class RedHatTaskNamespace(BaseTaskNamespace):
                # see man(5) pkcs11.conf
                f.write("disable-in: {}\n".format(", ".join(disabled_in)))
                os.fchmod(f.fileno(), 0o644)
+            self.restore_context(filename)
            logger.debug("Created PKCS#11 module config '%s'.", filename)
            filenames.append(filename)