update to 0.70
- add a --with-homedir option to configure, and use it, since subprocesses which we run and which use NSS may attempt to write to $HOME/.pki, and 0.69's strategy of setting that to "/" was rightly hitting SELinux policy denials (#1047798)
This commit is contained in:
Nalin Dahyabhai
parent
05449cb7fb
commit
8562aa3ebe
2
.gitignore
vendored
2
.gitignore
vendored
@ -56,3 +56,5 @@ certmonger-0.28.tar.gz
|
||||
/certmonger-0.68.tar.gz.sig
|
||||
/certmonger-0.69.tar.gz
|
||||
/certmonger-0.69.tar.gz.sig
|
||||
/certmonger-0.70.tar.gz
|
||||
/certmonger-0.70.tar.gz.sig
|
||||
|
||||
@ -19,7 +19,7 @@
|
||||
%endif
|
||||
|
||||
Name: certmonger
|
||||
Version: 0.69
|
||||
Version: 0.70
|
||||
Release: 1%{?dist}
|
||||
Summary: Certificate status monitor and PKI enrollment client
|
||||
|
||||
@ -104,6 +104,7 @@ sed -i 's,^# chkconfig: - ,# chkconfig: 345 ,g' sysvinit/certmonger.in
|
||||
%if %{tmpfiles}
|
||||
--enable-tmpfiles \
|
||||
%endif
|
||||
--with-homedir=/var/run/certmonger \
|
||||
--with-tmpdir=/var/run/certmonger --enable-pie --enable-now
|
||||
# For some reason, some versions of xmlrpc-c-config in Fedora and RHEL just
|
||||
# tell us about libxmlrpc_client, but we need more. Work around.
|
||||
@ -201,6 +202,15 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Thu Jan 2 2014 Nalin Dahyabhai <nalin@redhat.com> 0.70-1
|
||||
- add a --with-homedir option to configure, and use it, since subprocesses
|
||||
which we run and which use NSS may attempt to write to $HOME/.pki, and
|
||||
0.69's strategy of setting that to "/" was rightly hitting SELinux policy
|
||||
denials (#1047798)
|
||||
|
||||
* Fri Dec 27 2013 Daniel Mach <dmach@redhat.com> - 0.69-2
|
||||
- Mass rebuild 2013-12-27
|
||||
|
||||
* Mon Dec 9 2013 Nalin Dahyabhai <nalin@redhat.com> 0.69-1
|
||||
- tweak how we decide whether we're on the master or a minion when we're
|
||||
told to use certmaster as a CA
|
||||
|
||||
Loading…
Reference in New Issue
Block a user