diff options
author | Nathan Kinder <nkinder@redhat.com> | 2009-10-15 09:31:52 -0700 |
---|---|---|
committer | Nathan Kinder <nkinder@redhat.com> | 2009-10-15 09:31:52 -0700 |
commit | d7b1c99abd516b54e302acb775c9e01295fc616a (patch) | |
tree | e39ec88e9180620ec1694c26c55ee24c42c53926 /ldap/admin | |
parent | d1214317ca2bcefd18db4e1a7414ac2a8408e5a9 (diff) | |
download | ds-d7b1c99abd516b54e302acb775c9e01295fc616a.tar.gz ds-d7b1c99abd516b54e302acb775c9e01295fc616a.tar.xz ds-d7b1c99abd516b54e302acb775c9e01295fc616a.zip |
Expose dirsrv SELinux policy interface.
This adds a number of interface macros to the dirsrv SELinux policy
module. These macros are intended for use by the Administration
Server SELinux policy that is currently being developed.
I also made some changes to the setup code that labels newly created
directories. When the first instance is created, some top-level
directories are created that were not being labeled properly.
Diffstat (limited to 'ldap/admin')
-rw-r--r-- | ldap/admin/src/scripts/DSCreate.pm.in | 16 |
1 files changed, 15 insertions, 1 deletions
diff --git a/ldap/admin/src/scripts/DSCreate.pm.in b/ldap/admin/src/scripts/DSCreate.pm.in index 96930dfd..43fd1d9d 100644 --- a/ldap/admin/src/scripts/DSCreate.pm.in +++ b/ldap/admin/src/scripts/DSCreate.pm.in @@ -903,7 +903,21 @@ sub updateSelinuxPolicy { # if selinux is not available, do nothing if ("@with_selinux@") { - # run restorecon on all directories we created + my $localstatedir = $inf->{slapd}->{localstatedir}; + + # run restorecon on all of the parent directories we + # may have created (this only happens if this is the + # first instance created). + if ("@with_fhs_opt@") { + system("restorecon -R $localstatedir/@PACKAGE_NAME@"); + } else { + system("restorecon -R $localstatedir/lock/@PACKAGE_NAME@"); + system("restorecon -R $localstatedir/log/@PACKAGE_NAME@"); + system("restorecon -R $localstatedir/run/@PACKAGE_NAME@"); + system("restorecon -R $localstatedir/lib/@PACKAGE_NAME@"); + } + + # run restorecon on all instance directories we created for my $kw (qw(inst_dir config_dir schema_dir log_dir lock_dir run_dir tmp_dir cert_dir db_dir ldif_dir bak_dir)) { my $dir = $inf->{slapd}->{$kw}; |