389-ds-base

Clone
Source Code
GIT

#47433 With SeLinux, ports can be labelled per range. setup-ds.pl or setup-ds-admin.pl fail to detect already ranged labelled ports
Closed: wontfix None Opened 10 years ago by tbordaz.

Closed: wontfix
Reopen Issue

With SeLinux it is possible to label ports per range: semanage port -a -t ldap_port_t -p tcp 1389-1391

If we want to create an instance (setup-ds.pl or setup-ds-admin.pl) with port 1390 for example, the script checks if the port has the 'ldap_port_t' label (using 'semanage port -l). But the port being covered by a range rather being present in the ports list, the script fails to detect that the port is correctly labelled. Then it relabel it, that takes a long time.

This could be fixed by something like:

diff /usr/lib64/dirsrv/perl/DSCreate.pm ./DSCreate.pm
1010,1013c1010,1023
< if ($inf->{slapd}->{ServerPort} == $labeledport) {
< $need_label = 0;
< last;
< }

    if (index($labeledport, "-") == -1) {
        # this is not a range
        if ($inf->{slapd}->{ServerPort} == $labeledport) {
            $need_label = 0;
            last;
        }
    } else {
        # this is a range
        my @range = split(/-/, $labeledport);
        if ((@range[0] <= $inf->{slapd}->{ServerPort}) && ($inf->{slapd}->{ServerPort} <= @range[1])) {
            $need_label = 0;
            last;
        }
    }

git merge ticket47433

Updating b6b8d7b..2d6d9ac
Fast-forward
ldap/admin/src/scripts/DSCreate.pm.in | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)

git push origin master

Counting objects: 13, done.
Delta compression using up to 4 threads.
Compressing objects: 100% (6/6), done.
Writing objects: 100% (7/7), 1.13 KiB, done.
Total 7 (delta 5), reused 0 (delta 0)
To ssh://git.fedorahosted.org/git/389/ds.git
b6b8d7b..2d6d9ac master -> master

commit 2d6d9ac
Author: Thierry bordaz (tbordaz) tbordaz@redhat.com
Date: Tue Aug 20 15:45:51 2013 +0200

Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=1044151

Metadata Update from @nkinder:
- Issue assigned to tbordaz
- Issue set to the milestone: 1.3.2 - 08/13 (August)
7 years ago

389-ds-base is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in 389-ds-base's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/389ds/389-ds-base/issues/770

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Metadata Update from @spichugi:
- Issue close_status updated to: wontfix (was: Fixed)
3 years ago

Login to comment on this ticket.

Metadata
None
None
None
normal
ack
Community
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.