IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2025-02-25 18:55:28 -06:00
Code Issues Packages Projects Releases Wiki Activity

Add SELinux policy for CRL file publishing.

Browse Source 
This policy should really be provided by dogtag. We don't want
to grant read/write access to everything dogtag can handle so we
change the context to cert_t instead. But we have to let dogtag
read/write that too hence this policy.

To top it off we can't load this policy unless dogtag is also loaded
so we insert it in the IPA installer
This commit is contained in:
Rob Crittenden
2009-11-25 13:42:52 -05:00
committed by Jason Gerard DeRose
parent 986c4e23e7
commit cfec51819b
5 changed files with 59 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
ipa.spec.in
View File

@@ -418,6 +418,7 @@ fi
%files server-selinux
%{_usr}/share/selinux/targeted/ipa_kpasswd.pp
%{_usr}/share/selinux/targeted/ipa_httpd.pp
%{_usr}/share/selinux/targeted/ipa_dogtag.pp
%endif
%files client