diff options
author | Rob Crittenden <rcritten@redhat.com> | 2012-11-01 10:13:01 -0400 |
---|---|---|
committer | Rob Crittenden <rcritten@redhat.com> | 2012-11-02 10:18:22 -0400 |
commit | 56beef9f775a28973106d074b191c48ab99d179d (patch) | |
tree | 050e661717fa4d135416859b0a7d58a437b7cf5b /install | |
parent | 343e90eff6c93de536539f0abc3fe9e516beeb2b (diff) | |
download | freeipa.git-56beef9f775a28973106d074b191c48ab99d179d.tar.gz freeipa.git-56beef9f775a28973106d074b191c48ab99d179d.tar.xz freeipa.git-56beef9f775a28973106d074b191c48ab99d179d.zip |
Set MLS/MCS for user_u context to what will be on remote systems.
The user_u context in the default list was broader than is actually
configured by default on systems.
https://fedorahosted.org/freeipa/ticket/3224
Diffstat (limited to 'install')
-rw-r--r-- | install/share/bootstrap-template.ldif | 2 | ||||
-rw-r--r-- | install/updates/50-ipaconfig.update | 2 |
2 files changed, 2 insertions, 2 deletions
diff --git a/install/share/bootstrap-template.ldif b/install/share/bootstrap-template.ldif index a17f2518..bf7de348 100644 --- a/install/share/bootstrap-template.ldif +++ b/install/share/bootstrap-template.ldif @@ -381,7 +381,7 @@ ipaUserObjectClasses: ipasshuser ipaDefaultEmailDomain: $DOMAIN ipaMigrationEnabled: FALSE ipaConfigString: AllowNThash -ipaSELinuxUserMapOrder: guest_u:s0$$xguest_u:s0$$user_u:s0-s0:c0.c1023$$staff_u:s0-s0:c0.c1023$$unconfined_u:s0-s0:c0.c1023 +ipaSELinuxUserMapOrder: guest_u:s0$$xguest_u:s0$$user_u:s0$$staff_u:s0-s0:c0.c1023$$unconfined_u:s0-s0:c0.c1023 ipaSELinuxUserMapDefault: unconfined_u:s0-s0:c0.c1023 dn: cn=cosTemplates,cn=accounts,$SUFFIX diff --git a/install/updates/50-ipaconfig.update b/install/updates/50-ipaconfig.update index 0992db4e..69783f13 100644 --- a/install/updates/50-ipaconfig.update +++ b/install/updates/50-ipaconfig.update @@ -1,5 +1,5 @@ dn: cn=ipaConfig,cn=etc,$SUFFIX -add:ipaSELinuxUserMapOrder: guest_u:s0$$xguest_u:s0$$user_u:s0-s0:c0.c1023$$staff_u:s0-s0:c0.c1023$$unconfined_u:s0-s0:c0.c1023 +add:ipaSELinuxUserMapOrder: guest_u:s0$$xguest_u:s0$$user_u:s0$$staff_u:s0-s0:c0.c1023$$unconfined_u:s0-s0:c0.c1023 add:ipaSELinuxUserMapDefault: unconfined_u:s0-s0:c0.c1023 add:ipaUserObjectClasses: ipasshuser |