From 6a891d92d8e741f8d66ea43cefc1c11c69affed4 Mon Sep 17 00:00:00 2001
From: Ade Lee <alee@redhat.com>
Date: Mon, 6 Aug 2012 10:25:23 -0400
Subject: Changed selinux context for legacy instances

In the new selinux policy, pki_ca_t etc. are all replaced by
pki_tomcat_t.  To allow old instances to work under dogtag 10, the
context in the run scripts needs to change.
Also added a rule needed by selinux policy.
---
 base/setup/scripts/functions | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'base/setup')

diff --git a/base/setup/scripts/functions b/base/setup/scripts/functions
index 62dc20694..a4318efae 100644
--- a/base/setup/scripts/functions
+++ b/base/setup/scripts/functions
@@ -756,7 +756,7 @@ start_instance()
             export SERVICE_NAME=$PKI_INSTANCE_ID
 
             if [ -x /usr/sbin/selinuxenabled ] && /usr/sbin/selinuxenabled; then
-                /usr/bin/runcon -t pki_${PKI_SUBSYSTEM_TYPE}_script_t \
+                /usr/bin/runcon -t pki_tomcat_script_t \
                      $PKI_INSTANCE_INITSCRIPT start
                 rv=$?
             else
-- 
cgit