IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-23 07:33:27 -06:00
Code Issues Packages Projects Releases Wiki Activity
c6efd4c7aa
freeipa/selinux
History
Martin Kosek c8d522bc98 Update SELinux policy for dogtag10 
Incorporate SELinux policy changes introduced in Dogtag 10 in IPA
SELinux policy:
- dogtag10 now runs with pki_tomcat_t context instead of pki_ca_t
- certmonger related rule are now integrated in system policy and
  can be removed from IPA policy

Also remove redundant SELinux rules for connection of httpd_t, krb5kdc_t
or named_t to DS socket. The socket has different target type anyway
(dirsrv_var_run_t) and the policy allowing this is already in
system.

https://fedorahosted.org/freeipa/ticket/3234
2012-11-30 11:12:51 -05:00
..
ipa_dogtag Update SELinux policy for dogtag10 2012-11-30 11:12:51 -05:00
ipa_httpd Update SELinux policy for dogtag10 2012-11-30 11:12:51 -05:00
ipa_webgui Add conditional for new SELinux capabilities available in Fedora 11 2009-07-23 14:59:20 -04:00
ipa-server-selinux.spec.in daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00
Makefile daemons: Remove ipa_kpasswd 2011-08-26 08:26:08 -04:00