From b49942fe96babbc27a225f5cf584d2c27c6b45ff Mon Sep 17 00:00:00 2001 From: Rob Crittenden Date: Mon, 3 Mar 2008 16:14:48 -0500 Subject: Close all fds when running another program. This fixes the SELinux AVCs. Put installation log files into /var/log. 430024 --- ipa-client/ipa-install/ipa-client-install | 2 +- ipa-python/ipautil.py | 2 +- ipa-server/ipa-install/ipa-server-install | 3 ++- 3 files changed, 4 insertions(+), 3 deletions(-) diff --git a/ipa-client/ipa-install/ipa-client-install b/ipa-client/ipa-install/ipa-client-install index a2106a59..31eadd9c 100644 --- a/ipa-client/ipa-install/ipa-client-install +++ b/ipa-client/ipa-install/ipa-client-install @@ -54,7 +54,7 @@ def logging_setup(options): # file. logging.basicConfig(level=logging.DEBUG, format='%(asctime)s %(levelname)s %(message)s', - filename='ipaclient-install.log', + filename='/var/log/ipaclient-install.log', filemode='w') console = logging.StreamHandler() diff --git a/ipa-python/ipautil.py b/ipa-python/ipautil.py index 919d4a6b..4e065fc4 100644 --- a/ipa-python/ipautil.py +++ b/ipa-python/ipautil.py @@ -71,7 +71,7 @@ def write_tmp_file(txt): return fd def run(args, stdin=None): - p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE) + p = subprocess.Popen(args, stdout=subprocess.PIPE, stderr=subprocess.PIPE, close_fds=True) if stdin: stdout,stderr = p.communicate(stdin) else: diff --git a/ipa-server/ipa-install/ipa-server-install b/ipa-server/ipa-install/ipa-server-install index 77787b15..213fbc15 100644 --- a/ipa-server/ipa-install/ipa-server-install +++ b/ipa-server/ipa-install/ipa-server-install @@ -316,7 +316,8 @@ def main(): signal.signal(signal.SIGTERM, signal_handler) signal.signal(signal.SIGINT, signal_handler) - standard_logging_setup("ipaserver-install.log", options.debug) + standard_logging_setup("/var/log/ipaserver-install.log", options.debug) + print "\nThe log file for this installation can be found in /var/log/ipaserver-install.log") if options.uninstall: return uninstall() -- cgit