e7de033e9e
- Restore SELinux context of template_dir /var/log/dirsrv/slapd-X (pagure#7662) - Add "389-ds-base-legacy-tools" to requires - Refactor os-release and platform information (#1609475) - Don't check for systemd service (#1609475) - Switched to upstream spec file with small adaptions
64 lines
2.4 KiB
Diff
64 lines
2.4 KiB
Diff
commit f7516979241ed80a48250784051a82457e2df7aa
|
|
Author: Thomas Woerner <twoerner@redhat.com>
|
|
Date: Thu Aug 2 11:22:55 2018 +0200
|
|
|
|
httpinstance: Restore SELinux context of session_dir /etc/httpd/alias
|
|
|
|
The session directory /etc/httpd/alias/ could be created with the wrong
|
|
SELinux context. Therefore httpd was not able to write to this directory.
|
|
|
|
Fixes: https://pagure.io/freeipa/issue/7662
|
|
|
|
Related-to: 49b4a057f1b0459331bcec2c8d760627d00e4571 (Create missing
|
|
/etc/httpd/alias for ipasession.key)
|
|
|
|
Reviewed-By: Christian Heimes <cheimes@redhat.com>
|
|
|
|
diff --git a/ipaserver/install/httpinstance.py b/ipaserver/install/httpinstance.py
|
|
index 62b563fb2..1b1e7a03d 100644
|
|
--- a/ipaserver/install/httpinstance.py
|
|
+++ b/ipaserver/install/httpinstance.py
|
|
@@ -183,6 +183,9 @@ class HTTPInstance(service.Service):
|
|
os.makedirs(session_dir)
|
|
# Must be world-readable / executable
|
|
os.chmod(session_dir, 0o755)
|
|
+ # Restore SELinux context of session_dir /etc/httpd/alias, see
|
|
+ # https://pagure.io/freeipa/issue/7662
|
|
+ tasks.restore_context(session_dir)
|
|
|
|
target_fname = paths.HTTPD_IPA_CONF
|
|
http_txt = ipautil.template_file(
|
|
|
|
commit 354d7297e8e0d97da22c0469ab96f30fdfc4a1ea
|
|
Author: Thomas Woerner <twoerner@redhat.com>
|
|
Date: Thu Aug 2 11:32:05 2018 +0200
|
|
|
|
ipa_restore: Restore SELinux context of template_dir /var/log/dirsrv/slapd-X
|
|
|
|
The template directory /var/log/dirsrv/slapd-X could be created with the
|
|
wrong SELinux context.
|
|
|
|
Related to: https://pagure.io/freeipa/issue/7662
|
|
|
|
Reviewed-By: Christian Heimes <cheimes@redhat.com>
|
|
|
|
diff --git a/ipaserver/install/ipa_restore.py b/ipaserver/install/ipa_restore.py
|
|
index 48b95ed18..1916d3063 100644
|
|
--- a/ipaserver/install/ipa_restore.py
|
|
+++ b/ipaserver/install/ipa_restore.py
|
|
@@ -607,10 +607,13 @@ class Restore(admintool.AdminTool):
|
|
logger.info("Waiting for LDIF to finish")
|
|
wait_for_task(conn, dn)
|
|
else:
|
|
+ template_dir = paths.VAR_LOG_DIRSRV_INSTANCE_TEMPLATE % instance
|
|
try:
|
|
- os.makedirs(paths.VAR_LOG_DIRSRV_INSTANCE_TEMPLATE % instance)
|
|
+ os.makedirs(template_dir)
|
|
except OSError as e:
|
|
pass
|
|
+ # Restore SELinux context of template_dir
|
|
+ tasks.restore_context(template_dir)
|
|
|
|
args = [paths.LDIF2DB,
|
|
'-Z', instance,
|