diff options
author | Simo Sorce <simo@redhat.com> | 2014-05-01 13:16:14 -0400 |
---|---|---|
committer | Simo Sorce <simo@redhat.com> | 2014-05-01 21:05:45 -0400 |
commit | c6e97e93a61b02602f14606a60b6154880308123 (patch) | |
tree | 697ee43a3976d8d305637a6d5dcabd22f271f059 /contrib | |
parent | 2c888a62a0c21114b51fd79d5321d5fed39f0b6e (diff) | |
download | ipsilon-c6e97e93a61b02602f14606a60b6154880308123.tar.gz ipsilon-c6e97e93a61b02602f14606a60b6154880308123.tar.xz ipsilon-c6e97e93a61b02602f14606a60b6154880308123.zip |
Make SELinux happy
Add proper context to shared state directories so that httpd can write there.
Relax SElinux boolans to allow use of pam modules
This allows running Ipsilon in fully enforcing mode when pam auth
using the python-pam modules is used.
Signed-off-by: Simo Sorce <simo@redhat.com>
Diffstat (limited to 'contrib')
-rw-r--r-- | contrib/fedora/ipsilon.spec | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/contrib/fedora/ipsilon.spec b/contrib/fedora/ipsilon.spec index 08f2c70..f86e4de 100644 --- a/contrib/fedora/ipsilon.spec +++ b/contrib/fedora/ipsilon.spec @@ -62,6 +62,15 @@ getent passwd ipsilon >/dev/null || \ -c "Ipsilon Server" ipsilon exit 0 +%post +semanage fcontext -a -t httpd_var_lib_t '%{_sharedstatedir}/ipsilon(/.*)?' 2>/dev/null || : +semanage fcontext -a -t var_lib_t '%{_sharedstatedir}/ipsilon(/.*)/*.conf' 2>/dev/null || : +restorecon -R %{_sharedstatedir}/ipsilon || : + +%postun +semanage fcontext -d -t var_lib_t '%{_sharedstatedir}/ipsilon(/.*)/*.conf' 2>/dev/null || : +semanage fcontext -d -t httpd_var_lib_t '%{_sharedstatedir}/ipsilon(/.*)?' 2>/dev/null || : + %files %doc COPYING %{python2_sitelib}/ipsilon-*.egg-info |