diff options
author | Rob Crittenden <rcritten@redhat.com> | 2012-09-10 17:07:54 -0400 |
---|---|---|
committer | Martin Kosek <mkosek@redhat.com> | 2012-09-13 12:35:55 +0200 |
commit | 29a5d16b2dbc87a959dc953cfd48d584408c07a7 (patch) | |
tree | 8d96970a4b308af9b8bd50d80d1d91db2fd6f63d /ipalib | |
parent | 0dd1fa49136e3ffc761a27c3b334b48d3cefe1d6 (diff) | |
download | freeipa.git-29a5d16b2dbc87a959dc953cfd48d584408c07a7.tar.gz freeipa.git-29a5d16b2dbc87a959dc953cfd48d584408c07a7.tar.xz freeipa.git-29a5d16b2dbc87a959dc953cfd48d584408c07a7.zip |
Set SELinux default context to unconfined_u:s0-s0:c0.c1023
Don't require ipaselinuxdefaultuser to be set. If this is unset then
SSSD will use the system default.
https://fedorahosted.org/freeipa/ticket/3045
Diffstat (limited to 'ipalib')
-rw-r--r-- | ipalib/plugins/config.py | 9 |
1 files changed, 6 insertions, 3 deletions
diff --git a/ipalib/plugins/config.py b/ipalib/plugins/config.py index ef0fd79f..e02519d5 100644 --- a/ipalib/plugins/config.py +++ b/ipalib/plugins/config.py @@ -185,7 +185,7 @@ class config(LDAPObject): label=_('SELinux user map order'), doc=_('Order in increasing priority of SELinux users, delimited by $'), ), - Str('ipaselinuxusermapdefault', + Str('ipaselinuxusermapdefault?', label=_('Default SELinux user'), doc=_('Default SELinux user when no match is found in SELinux map rule'), ), @@ -274,7 +274,10 @@ class config_mod(LDAPUpdate): failedattr = 'ipaselinuxusermapdefault' else: config = ldap.get_ipa_config()[1] - defaultuser = config['ipaselinuxusermapdefault'][0] + if 'ipaselinuxusermapdefault' in config: + defaultuser = config['ipaselinuxusermapdefault'][0] + else: + defaultuser = None if 'ipaselinuxusermaporder' in validate: order = validate['ipaselinuxusermaporder'] @@ -284,7 +287,7 @@ class config_mod(LDAPUpdate): config = ldap.get_ipa_config()[1] order = config['ipaselinuxusermaporder'] userlist = order[0].split('$') - if defaultuser not in userlist: + if defaultuser and defaultuser not in userlist: raise errors.ValidationError(name=failedattr, error=_('SELinux user map default user not in order list')) |