IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

selinux: Fix file context definition for /var/run

Browse Source 
There is a file context equivalence rule assigning /run the same
contexts as /var/run. Because of it it's necessary to use /var/run
instead of /run in file context definitions.

See:
https://fedoraproject.org/wiki/SELinux/IndependentPolicy#File_contexts_and_equivalency_rules

Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Francois Cami <fcami@redhat.com>
This commit is contained in:
Vit Mojzis 2021-09-22 13:48:07 +02:00 committed by Rob Crittenden
parent 7a9301c5f9
commit cd85b729d3
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
selinux/ipa.fc
View File

@ -23,7 +23,7 @@
/var/log/ipareplica-conncheck.log.* -- gen_context(system_u:object_r:ipa_log_t,s0)
/run/ipa(/.*)? gen_context(system_u:object_r:ipa_var_run_t,s0)
/var/run/ipa(/.*)? gen_context(system_u:object_r:ipa_var_run_t,s0)
/usr/libexec/ipa/ipa-custodia -- gen_context(system_u:object_r:ipa_custodia_exec_t,s0)
/usr/libexec/ipa/custodia/ipa-custodia-dmldap -- gen_context(system_u:object_r:ipa_custodia_dmldap_exec_t,s0)