diff options
Diffstat (limited to 'install/oddjob')
-rw-r--r-- | install/oddjob/Makefile.am | 3 | ||||
-rw-r--r-- | install/oddjob/etc/dbus-1/system.d/org.freeipa.server.conf | 21 | ||||
-rw-r--r-- | install/oddjob/etc/oddjobd.conf.d/ipa-server.conf | 20 | ||||
-rwxr-xr-x | install/oddjob/org.freeipa.server.conncheck | 2 |
4 files changed, 46 insertions, 0 deletions
diff --git a/install/oddjob/Makefile.am b/install/oddjob/Makefile.am index 5cdaf2b29..fb64f6cf4 100644 --- a/install/oddjob/Makefile.am +++ b/install/oddjob/Makefile.am @@ -6,14 +6,17 @@ dbusconfdir = $(sysconfdir)/dbus-1/system.d oddjob_SCRIPTS = \ com.redhat.idm.trust-fetch-domains \ + org.freeipa.server.conncheck \ $(NULL) dbusconf_DATA = \ etc/dbus-1/system.d/oddjob-ipa-trust.conf \ + etc/dbus-1/system.d/org.freeipa.server.conf \ $(NULL) oddjobconf_DATA = \ etc/oddjobd.conf.d/oddjobd-ipa-trust.conf \ + etc/oddjobd.conf.d/ipa-server.conf \ $(NULL) diff --git a/install/oddjob/etc/dbus-1/system.d/org.freeipa.server.conf b/install/oddjob/etc/dbus-1/system.d/org.freeipa.server.conf new file mode 100644 index 000000000..b2cbf746f --- /dev/null +++ b/install/oddjob/etc/dbus-1/system.d/org.freeipa.server.conf @@ -0,0 +1,21 @@ +<!DOCTYPE busconfig PUBLIC + "-//freedesktop//DTD D-BUS Bus Configuration 1.0//EN" + "http://www.freedesktop.org/standards/dbus/1.0/busconfig.dtd"> + +<busconfig> + + <policy user="root"> + <allow own="org.freeipa.server"/> + + <allow send_destination="org.freeipa.server" send_interface="org.freeipa.server"/> + </policy> + + <policy user="apache"> + <allow send_destination="org.freeipa.server" send_interface="org.freeipa.server"/> + </policy> + + <policy context="default"> + <allow send_destination="org.freeipa.server" send_interface="org.freedesktop.DBus.Introspectable"/> + </policy> + +</busconfig> diff --git a/install/oddjob/etc/oddjobd.conf.d/ipa-server.conf b/install/oddjob/etc/oddjobd.conf.d/ipa-server.conf new file mode 100644 index 000000000..3f806966b --- /dev/null +++ b/install/oddjob/etc/oddjobd.conf.d/ipa-server.conf @@ -0,0 +1,20 @@ +<?xml version="1.0"?> +<oddjobconfig> + <service name="org.freeipa.server"> + <allow user="root"/> + <allow user="apache"/> + <object name="/"> + <interface name="org.freeipa.server"> + <method name="conncheck"> + <helper exec="/usr/libexec/ipa/oddjob/org.freeipa.server.conncheck" + arguments="1" + prepend_user_name="no" + argument_passing_method="cmdline"/> + </method> + </interface> + <interface name="org.freedesktop.DBus.Introspectable"> + <allow min_uid="0" max_uid="0"/> + </interface> + </object> + </service> +</oddjobconfig> diff --git a/install/oddjob/org.freeipa.server.conncheck b/install/oddjob/org.freeipa.server.conncheck new file mode 100755 index 000000000..ab7a46a86 --- /dev/null +++ b/install/oddjob/org.freeipa.server.conncheck @@ -0,0 +1,2 @@ +#!/bin/sh +exec /usr/sbin/ipa-replica-conncheck --replica "$1" 2>&1 |