diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2009-11-25 13:42:52 -0500 |
|---|---|---|
| committer | Jason Gerard DeRose <jderose@redhat.com> | 2009-11-26 00:16:30 -0700 |
| commit | cfec51819bd40f2795f0771a74714e0ce1135c26 (patch) | |
| tree | 3daa879cb56da29bcdbc0574e279685874c16696 /ipa.spec.in | |
| parent | 986c4e23e7f640911cbe72129dc3f675438f35d4 (diff) | |
| download | freeipa-cfec51819bd40f2795f0771a74714e0ce1135c26.tar.gz freeipa-cfec51819bd40f2795f0771a74714e0ce1135c26.tar.xz freeipa-cfec51819bd40f2795f0771a74714e0ce1135c26.zip | |
Add SELinux policy for CRL file publishing.
This policy should really be provided by dogtag. We don't want
to grant read/write access to everything dogtag can handle so we
change the context to cert_t instead. But we have to let dogtag
read/write that too hence this policy.
To top it off we can't load this policy unless dogtag is also loaded
so we insert it in the IPA installer
Diffstat (limited to 'ipa.spec.in')
| -rw-r--r-- | ipa.spec.in | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/ipa.spec.in b/ipa.spec.in index 5e24eedcd..ea22cdddb 100644 --- a/ipa.spec.in +++ b/ipa.spec.in @@ -418,6 +418,7 @@ fi %files server-selinux %{_usr}/share/selinux/targeted/ipa_kpasswd.pp %{_usr}/share/selinux/targeted/ipa_httpd.pp +%{_usr}/share/selinux/targeted/ipa_dogtag.pp %endif %files client |