eb6c560542
Resolves: rhbz#1392916 - sssd failes to start after update
Resolves: rhbz#1398789 - SELinux is preventing sssd from 'write' accesses
on the directory /etc/sssd
51 lines
1.5 KiB
Diff
51 lines
1.5 KiB
Diff
From c0a516f5d91290135c6b019a8a9d269edf8214cd Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fidencio@redhat.com>
|
|
Date: Mon, 17 Oct 2016 17:07:56 +0200
|
|
Subject: [PATCH 25/39] SECRETS: Fix secrets rule in the allowed sections
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
We have been matching an invalid subsection of the secrets' section,
|
|
like:
|
|
[secrets/users/]
|
|
|
|
Let's ensure that we only match the following cases:
|
|
[secrets]
|
|
[secrets/users/[0-9]+]
|
|
|
|
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
|
|
|
|
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
|
(cherry picked from commit da8801c363716533f60bc78e10f3a2100cebc3a1)
|
|
(cherry picked from commit 2535993d81c7d0dbbd6c6fab6f45b338845535cf)
|
|
---
|
|
src/config/cfg_rules.ini | 4 ++--
|
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini
|
|
index ec716b558..24937c969 100644
|
|
--- a/src/config/cfg_rules.ini
|
|
+++ b/src/config/cfg_rules.ini
|
|
@@ -8,7 +8,7 @@ section = autofs
|
|
section = ssh
|
|
section = pac
|
|
section = ifp
|
|
-section_re = ^secrets\(/users/\([0-9]\+\)\?\)\?$
|
|
+section_re = ^secrets\(/users/[0-9]\+\)\?$
|
|
section_re = ^domain/.*$
|
|
|
|
[rule/allowed_sssd_options]
|
|
@@ -213,7 +213,7 @@ option = user_attributes
|
|
|
|
[rule/allowed_sec_options]
|
|
validator = ini_allowed_options
|
|
-section_re = ^secrets\(/users/\([0-9]\+\)\?\)\?$
|
|
+section_re = ^secrets\(/users/[0-9]\+\)\?$
|
|
|
|
option = timeout
|
|
option = debug
|
|
--
|
|
2.11.0
|
|
|