mirror of
https://salsa.debian.org/freeipa-team/freeipa.git
synced 2024-12-25 16:31:08 -06:00
d23322434f
The SELinux policy defines file contexts that are also used by clients, e.g. /var/log/ipa/. Make freeipa-selinux a dependency of freeipa-common. Related: https://pagure.io/freeipa/issue/6891 Signed-off-by: Christian Heimes <cheimes@redhat.com> Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
12 lines
498 B
Markdown
12 lines
498 B
Markdown
# IPA SELinux policy
|
|
|
|
The ``ipa`` SELinux policy is used by IPA client and server. The
|
|
policy was forked off from [Fedora upstream policy](https://github.com/fedora-selinux/selinux-policy-contrib)
|
|
at commit ``b1751347f4af99de8c88630e2f8d0a352d7f5937``.
|
|
|
|
Some file locations are owned by other policies:
|
|
|
|
* ``/var/lib/ipa/pki-ca/publish(/.*)?`` is owned by Dogtag PKI policy
|
|
* ``/usr/lib/ipa/certmonger(/.*)?`` is owned by certmonger policy
|
|
* ``/var/lib/ipa-client(/.*)?`` is owned by realmd policy
|