diff options
author | John Dennis <jdennis@redhat.com> | 2015-01-26 17:11:03 -0500 |
---|---|---|
committer | John Dennis <jdennis@redhat.com> | 2015-01-26 17:51:03 -0500 |
commit | cbeb708c20514c79c19ed37e48b6f9be28019aac (patch) | |
tree | 2c0e0f63d0bb1a231eb22577d18e9a88b451926d /ipsilon/info/infoldap.py | |
parent | 9f8b66c72a015050f20a5d789a5f997b0f4ce925 (diff) | |
download | ipsilon-httpd_avc.tar.gz ipsilon-httpd_avc.tar.xz ipsilon-httpd_avc.zip |
set SELinux boolean httpd_can_connect_ldap when install infolap and authldaphttpd_avc
Signed-off-by: John Dennis <jdennis@redhat.com>
Diffstat (limited to 'ipsilon/info/infoldap.py')
-rw-r--r-- | ipsilon/info/infoldap.py | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/ipsilon/info/infoldap.py b/ipsilon/info/infoldap.py index 6ba5b0d..498d433 100644 --- a/ipsilon/info/infoldap.py +++ b/ipsilon/info/infoldap.py @@ -8,6 +8,7 @@ from ipsilon.info.common import InfoMapping from ipsilon.util.plugin import PluginObject from ipsilon.util import config as pconfig import ldap +import subprocess # TODO: fetch mapping from configuration @@ -197,3 +198,11 @@ class Installer(InfoProviderInstaller): # Update global config to add login plugin po.is_enabled = True po.save_enabled_state() + + # For selinux enabled platforms permit httpd to connect to ldap, + # ignore if it fails + try: + subprocess.call(['/usr/sbin/setsebool', '-P', + 'httpd_can_connect_ldap=on']) + except Exception: # pylint: disable=broad-except + pass |