IntenseWebs/freeipa
3
0
Fork 0
mirror of https://salsa.debian.org/freeipa-team/freeipa.git synced 2024-12-28 01:41:14 -06:00
Code Issues Packages Projects Releases Wiki Activity
fcc99813f5
freeipa/daemons/dnssec/ipa-ods-exporter.socket.in
Christian Heimes e881e35783 Fix various OpenDNSSEC 2.1 issues 
Require OpenDNSSEC 2.1.6-5 with fix for RHBZ#1825812 (DAC override AVC)

Allow ipa-dnskeysyncd to connect to enforcer.sock (ipa_dnskey_t write
opendnssec_var_run_t and connectto opendnssec_t). The
opendnssec_stream_connect interface is available since 2016.

Change the owner of the ipa-ods-exporter socket to ODS_USER:ODS_GROUP.
The ipa-ods-exporter service already runs as ODS_USER.

Fixes: https://pagure.io/freeipa/issue/8283
Signed-off-by: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Florence Blanc-Renaud <frenaud@redhat.com>
2020-04-21 21:37:06 +02:00

8 lines
140 B
SYSTEMD
Raw Blame History

[Socket]
ListenStream=@runstatedir@/opendnssec/engine.sock
SocketUser=@ODS_USER@
SocketGroup=@ODS_GROUP@
[Install]
WantedBy=sockets.target
Reference in New Issue View Git Blame Copy Permalink