diff options
Diffstat (limited to 'base/server/python/pki/server/deployment/scriptlets/selinux_setup.py')
-rw-r--r-- | base/server/python/pki/server/deployment/scriptlets/selinux_setup.py | 62 |
1 files changed, 31 insertions, 31 deletions
diff --git a/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py b/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py index 177233afc..7301192a5 100644 --- a/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py +++ b/base/server/python/pki/server/deployment/scriptlets/selinux_setup.py @@ -36,15 +36,15 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): rv = 0 suffix = "(/.*)?" - def restore_context(self, master_dict): - selinux.restorecon(master_dict['pki_instance_path'], True) + def restore_context(self, mdict): + selinux.restorecon(mdict['pki_instance_path'], True) selinux.restorecon(config.PKI_DEPLOYMENT_LOG_ROOT, True) - selinux.restorecon(master_dict['pki_instance_log_path'], True) - selinux.restorecon(master_dict['pki_instance_configuration_path'], True) + selinux.restorecon(mdict['pki_instance_log_path'], True) + selinux.restorecon(mdict['pki_instance_configuration_path'], True) def spawn(self, deployer): - if config.str2bool(deployer.master_dict['pki_skip_installation']): + if config.str2bool(deployer.mdict['pki_skip_installation']): config.pki_log.info(log.SKIP_SELINUX_SPAWN_1, __name__, extra=config.PKI_INDENTATION_LEVEL_1) return self.rv @@ -62,46 +62,46 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): while True: try: # check first if any transactions are required - if len(ports) == 0 and deployer.master_dict['pki_instance_name'] == \ + if len(ports) == 0 and deployer.mdict['pki_instance_name'] == \ config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: - self.restore_context(deployer.master_dict) + self.restore_context(deployer.mdict) return self.rv # add SELinux contexts when adding the first subsystem - if deployer.master_dict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ + if deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and\ deployer.instance.apache_instance_subsystems() == 1 or\ - deployer.master_dict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ + deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and\ len(deployer.instance.tomcat_instance_subsystems()) == 1: trans = seobject.semanageRecords("targeted") trans.start() - if deployer.master_dict['pki_instance_name'] != \ + if deployer.mdict['pki_instance_name'] != \ config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: fcon = seobject.fcontextRecords() config.pki_log.info("adding selinux fcontext \"%s\"", - deployer.master_dict['pki_instance_path'] + self.suffix, + deployer.mdict['pki_instance_path'] + self.suffix, extra=config.PKI_INDENTATION_LEVEL_2) - fcon.add(deployer.master_dict['pki_instance_path'] + self.suffix, + fcon.add(deployer.mdict['pki_instance_path'] + self.suffix, config.PKI_INSTANCE_SELINUX_CONTEXT, "", "s0", "") config.pki_log.info("adding selinux fcontext \"%s\"", - deployer.master_dict['pki_instance_log_path'] + self.suffix, + deployer.mdict['pki_instance_log_path'] + self.suffix, extra=config.PKI_INDENTATION_LEVEL_2) - fcon.add(deployer.master_dict['pki_instance_log_path'] + self.suffix, + fcon.add(deployer.mdict['pki_instance_log_path'] + self.suffix, config.PKI_LOG_SELINUX_CONTEXT, "", "s0", "") config.pki_log.info("adding selinux fcontext \"%s\"", - deployer.master_dict['pki_instance_configuration_path'] + self.suffix, + deployer.mdict['pki_instance_configuration_path'] + self.suffix, extra=config.PKI_INDENTATION_LEVEL_2) - fcon.add(deployer.master_dict['pki_instance_configuration_path'] + self.suffix, + fcon.add(deployer.mdict['pki_instance_configuration_path'] + self.suffix, config.PKI_CFG_SELINUX_CONTEXT, "", "s0", "") config.pki_log.info("adding selinux fcontext \"%s\"", - deployer.master_dict['pki_database_path'] + self.suffix, + deployer.mdict['pki_database_path'] + self.suffix, extra=config.PKI_INDENTATION_LEVEL_2) - fcon.add(deployer.master_dict['pki_database_path'] + self.suffix, + fcon.add(deployer.mdict['pki_database_path'] + self.suffix, config.PKI_CERTDB_SELINUX_CONTEXT, "", "s0", "") portRecords = seobject.portRecords() @@ -112,7 +112,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): trans.finish() - self.restore_context(deployer.master_dict) + self.restore_context(deployer.mdict) break except ValueError as e: error_message = str(e) @@ -138,7 +138,7 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): extra=config.PKI_INDENTATION_LEVEL_1) # check first if any transactions are required - if (len(ports) == 0 and deployer.master_dict['pki_instance_name'] == + if (len(ports) == 0 and deployer.mdict['pki_instance_name'] == config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME): return self.rv # A maximum of 10 tries to delete the SELinux contexts @@ -147,39 +147,39 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet): while True: try: # remove SELinux contexts when removing the last subsystem - if (deployer.master_dict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and + if (deployer.mdict['pki_subsystem'] in config.PKI_APACHE_SUBSYSTEMS and deployer.instance.apache_instance_subsystems() == 0 or - deployer.master_dict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and + deployer.mdict['pki_subsystem'] in config.PKI_TOMCAT_SUBSYSTEMS and len(deployer.instance.tomcat_instance_subsystems()) == 0): trans = seobject.semanageRecords("targeted") trans.start() - if deployer.master_dict['pki_instance_name'] != \ + if deployer.mdict['pki_instance_name'] != \ config.PKI_DEPLOYMENT_DEFAULT_TOMCAT_INSTANCE_NAME: fcon = seobject.fcontextRecords() config.pki_log.info("deleting selinux fcontext \"%s\"", - deployer.master_dict['pki_instance_path'] + self.suffix, + deployer.mdict['pki_instance_path'] + self.suffix, extra=config.PKI_INDENTATION_LEVEL_2) - fcon.delete(deployer.master_dict['pki_instance_path'] + self.suffix , "") + fcon.delete(deployer.mdict['pki_instance_path'] + self.suffix , "") config.pki_log.info("deleting selinux fcontext \"%s\"", - deployer.master_dict['pki_instance_log_path'] + self.suffix, + deployer.mdict['pki_instance_log_path'] + self.suffix, extra=config.PKI_INDENTATION_LEVEL_2) - fcon.delete(deployer.master_dict['pki_instance_log_path'] + self.suffix, "") + fcon.delete(deployer.mdict['pki_instance_log_path'] + self.suffix, "") config.pki_log.info("deleting selinux fcontext \"%s\"", - deployer.master_dict['pki_instance_configuration_path'] + self.suffix, + deployer.mdict['pki_instance_configuration_path'] + self.suffix, extra=config.PKI_INDENTATION_LEVEL_2) - fcon.delete(deployer.master_dict['pki_instance_configuration_path'] + + fcon.delete(deployer.mdict['pki_instance_configuration_path'] + self.suffix, "") config.pki_log.info("deleting selinux fcontext \"%s\"", - deployer.master_dict['pki_database_path'] + self.suffix, + deployer.mdict['pki_database_path'] + self.suffix, extra=config.PKI_INDENTATION_LEVEL_2) - fcon.delete(deployer.master_dict['pki_database_path'] + self.suffix , "") + fcon.delete(deployer.mdict['pki_database_path'] + self.suffix , "") portRecords = seobject.portRecords() for port in ports: |