diff options
Diffstat (limited to 'selinux/ipa_httpd/ipa_httpd.fc')
| -rw-r--r-- | selinux/ipa_httpd/ipa_httpd.fc | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/selinux/ipa_httpd/ipa_httpd.fc b/selinux/ipa_httpd/ipa_httpd.fc index b2c6c1a2d..34e87f9da 100644 --- a/selinux/ipa_httpd/ipa_httpd.fc +++ b/selinux/ipa_httpd/ipa_httpd.fc @@ -3,3 +3,8 @@ # /var/cache/ipa/sessions(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /var/cache/ipa/assets(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) + +# Make these files writable so the selfsign plugin can operate +/etc/httpd/alias/cert8.db -- gen_context(system_u:object_r:cert_t,s0) +/etc/httpd/alias/key3.db -- gen_context(system_u:object_r:cert_t,s0) +/var/lib/ipa/ca_serialno -- gen_context(system_u:object_r:cert_t,s0) |