akasurde / freeipa

Forked from freeipa 7 years ago
Clone
Source Code
GIT

861d1bb Fix SELinux errors caused by enabling TLS on dogtag 389-ds instance.

Authored and Committed by rcritten 13 years ago
raw patch tree parent
7 files changed. 99 lines added. 43 lines removed.
install/tools/ipa-replica-install
file modified
+7 -19
install/tools/ipa-replica-prepare
file modified
+8 -0
install/tools/ipa-server-install
file modified
+5 -9
ipaserver/install/cainstance.py
file modified
+58 -15
ipaserver/install/dsinstance.py
file modified
+1 -0
ipaserver/install/httpinstance.py
file modified
+1 -0
ipaserver/install/service.py
file modified
+19 -0 
    Fix SELinux errors caused by enabling TLS on dogtag 389-ds instance.
    
    This fixes 2 AVCS:
    
    * One because we are enabling port 7390 because an SSL port must be
      defined to use TLS On 7389.
    * We were symlinking to the main IPA 389-ds NSS certificate databsae.
      Instead generate a separate NSS database and certificate and have
      certmonger track it separately
    
    I also noticed some variable inconsistency in cainstance.py. Everywhere
    else we use self.fqdn and that was using self.host_name. I found it
    confusing so I fixed it.
    
    ticket 1085
file modified
+7 -19
file modified
+8 -0
file modified
+5 -9
file modified
+58 -15
file modified
+1 -0
file modified
+1 -0
file modified
+19 -0
Powered by Pagure 5.14.1
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.