diff options
| -rw-r--r-- | freeipa.spec.in | 8 | ||||
| -rw-r--r-- | init/systemd/httpd.service | 2 | ||||
| -rw-r--r-- | init/systemd/ipa.conf.tmpfiles | 4 | ||||
| -rw-r--r-- | install/conf/ipa.conf | 4 |
4 files changed, 12 insertions, 6 deletions
diff --git a/freeipa.spec.in b/freeipa.spec.in index 737364556..b14acee63 100644 --- a/freeipa.spec.in +++ b/freeipa.spec.in @@ -465,7 +465,9 @@ install -m 0644 init/systemd/ipa.conf.tmpfiles %{buildroot}%{_tmpfilesdir}/%{nam mkdir -p %{buildroot}%{_localstatedir}/run/ install -d -m 0700 %{buildroot}%{_localstatedir}/run/ipa_memcached/ install -d -m 0700 %{buildroot}%{_localstatedir}/run/ipa/ -install -d -m 0700 %{buildroot}%{_localstatedir}/run/httpd/clientcaches +install -d -m 0700 %{buildroot}%{_localstatedir}/run/httpd/ipa +install -d -m 0700 %{buildroot}%{_localstatedir}/run/httpd/ipa/clientcaches +install -d -m 0700 %{buildroot}%{_localstatedir}/run/httpd/ipa/krbcache mkdir -p %{buildroot}%{_libdir}/krb5/plugins/libkrb5 touch %{buildroot}%{_libdir}/krb5/plugins/libkrb5/winbind_krb5_locator.so @@ -685,7 +687,9 @@ fi %config(noreplace) %{_sysconfdir}/sysconfig/ipa-ods-exporter %dir %attr(0700,apache,apache) %{_localstatedir}/run/ipa_memcached/ %dir %attr(0700,root,root) %{_localstatedir}/run/ipa/ -%dir %attr(0700,apache,apache) %{_localstatedir}/run/httpd/clientcaches/ +%dir %attr(0700,apache,apache) %{_localstatedir}/run/httpd/ipa/ +%dir %attr(0700,apache,apache) %{_localstatedir}/run/httpd/ipa/clientcaches/ +%dir %attr(0700,apache,apache) %{_localstatedir}/run/httpd/ipa/krbcache/ # NOTE: systemd specific section %{_tmpfilesdir}/%{name}.conf %attr(644,root,root) %{_unitdir}/ipa.service diff --git a/init/systemd/httpd.service b/init/systemd/httpd.service index ef1e6bfda..231f86f44 100644 --- a/init/systemd/httpd.service +++ b/init/systemd/httpd.service @@ -1,4 +1,4 @@ .include /usr/lib/systemd/system/httpd.service [Service] -Environment=KRB5CCNAME=/var/run/httpd/krbcache/krb5ccache +Environment=KRB5CCNAME=/var/run/httpd/ipa/krbcache/krb5ccache diff --git a/init/systemd/ipa.conf.tmpfiles b/init/systemd/ipa.conf.tmpfiles index b4503cc67..6eab2621c 100644 --- a/init/systemd/ipa.conf.tmpfiles +++ b/init/systemd/ipa.conf.tmpfiles @@ -1,3 +1,5 @@ d /var/run/ipa_memcached 0700 apache apache d /var/run/ipa 0700 root root -d /var/run/httpd/clientcaches 0700 apache apache +d /var/run/httpd/ipa 0700 apache apache +d /var/run/httpd/ipa/clientcaches 0700 apache apache +d /var/run/httpd/ipa/krbcache 0700 apache apache diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf index 92637c04d..57de2f1a9 100644 --- a/install/conf/ipa.conf +++ b/install/conf/ipa.conf @@ -1,5 +1,5 @@ # -# VERSION 17 - DO NOT REMOVE THIS LINE +# VERSION 18 - DO NOT REMOVE THIS LINE # # This file may be overwritten on upgrades. # @@ -66,7 +66,7 @@ WSGIScriptReloading Off AuthName "Kerberos Login" GssapiCredStore keytab:/etc/httpd/conf/ipa.keytab GssapiCredStore client_keytab:/etc/httpd/conf/ipa.keytab - GssapiDelegCcacheDir /var/run/httpd/clientcaches + GssapiDelegCcacheDir /var/run/httpd/ipa/clientcaches GssapiUseS4U2Proxy on Require valid-user ErrorDocument 401 /ipa/errors/unauthorized.html |