From 5fd74e0e0c9407306e99ef4fd2e776cb911ee94a Mon Sep 17 00:00:00 2001
From: Ade Lee <alee@redhat.com>
Date: Tue, 10 Jul 2012 11:50:59 -0400
Subject: Selinux policy for new configuration.

Added tomcat_t for java processes.  Added aliases for old types to allow
compatibility of existng subsystems.  Added install scripts for pkispawn
and pkidestroy
---
 base/deploy/src/scriptlets/initialization.py | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'base/deploy/src/scriptlets/initialization.py')

diff --git a/base/deploy/src/scriptlets/initialization.py b/base/deploy/src/scriptlets/initialization.py
index cc516532e..368cf2595 100644
--- a/base/deploy/src/scriptlets/initialization.py
+++ b/base/deploy/src/scriptlets/initialization.py
@@ -50,6 +50,9 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
         util.configuration_file.verify_sensitive_data()
         # verify existence of MUTUALLY EXCLUSIVE configuration file data
         util.configuration_file.verify_mutually_exclusive_data()
+        # verify selinux context of selected ports
+        util.configuration_file.populate_non_default_ports()
+        util.configuration_file.verify_selinux_ports()
         return self.rv
 
     def respawn(self):
@@ -80,6 +83,8 @@ class PkiScriptlet(pkiscriptlet.AbstractBasePkiScriptlet):
         # establish 'uid' and 'gid'
         util.identity.set_uid(master['pki_user'])
         util.identity.set_gid(master['pki_group'])
+        # get ports to remove selinux context
+        util.configuration_file.populate_non_default_ports()
         # ALWAYS Stop this Apache/Tomcat PKI Process
         util.systemd.stop()
         return self.rv
-- 
cgit