freeipa/selinux
Rob Crittenden f8798b3e16 Add SELinux subpackage for Thales Luna HSM support
This is simple, a port needs to be available to certmonger
to communicate during renewals of CA subsystem certificates.

Signed-off-by: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
2024-05-16 08:46:32 -04:00
luna Add SELinux subpackage for Thales Luna HSM support 2024-05-16 08:46:32 -04:00
nfast Add SELinux subpackage for nCipher nfast HSM support 2024-05-16 08:46:32 -04:00
ipa.fc passkey: adjust selinux security context for passkey_child 2023-06-01 08:20:37 +02:00
ipa.if Add ipa_pki_retrieve_key_exec() interface 2020-09-23 15:23:28 +02:00
ipa.te Update SELinux policy to allow certmonger to PKI config files 2024-05-16 08:46:32 -04:00
Makefile.am Integrate SELinux policy into build system 2020-03-05 09:57:00 +01:00
README.md Move freeipa-selinux dependency to freeipa-common 2020-03-20 15:18:30 +01:00

IPA SELinux policy

The ipa SELinux policy is used by IPA client and server. The policy was forked off from Fedora upstream policy at commit b1751347f4af99de8c88630e2f8d0a352d7f5937.

Some file locations are owned by other policies:

  • /var/lib/ipa/pki-ca/publish(/.*)? is owned by Dogtag PKI policy
  • /usr/lib/ipa/certmonger(/.*)? is owned by certmonger policy
  • /var/lib/ipa-client(/.*)? is owned by realmd policy