Login
[x]
Log in using an account from:
Fedora Account System
Red Hat Associate
Red Hat Customer
Or login using a Red Hat Bugzilla account
Forgot Password
Login:
Hide Forgot
Create an Account
Red Hat Bugzilla – Attachment 155754 Details for
Bug 237727
SELinux Policy for all subsystems
[?]
New
Simple Search
Advanced Search
My Links
Browse
Requests
Reports
Current State
Search
Tabular reports
Graphical reports
Duplicates
Other Reports
User Changes
Plotly Reports
Bug Status
Bug Severity
Non-Defaults
|
Product Dashboard
Help
Page Help!
Bug Writing Guidelines
What's new
Browser Support Policy
5.0.4.rh83 Release notes
FAQ
Guides index
User guide
Web Services
Contact
Legal
This site requires JavaScript to be enabled to function correctly, please enable it.
[patch]
init script fixes
selinux.init.diff (text/plain), 12.43 KB, created by
Kevin J. McCarthy
on 2007-05-30 22:36:49 UTC
(
hide
)
Description:
init script fixes
Filename:
MIME Type:
Creator:
Kevin J. McCarthy
Created:
2007-05-30 22:36:49 UTC
Size:
12.43 KB
patch
obsolete
>Index: ca/shared/etc/init.d/httpd >=================================================================== >--- ca/shared/etc/init.d/httpd (revision 226) >+++ ca/shared/etc/init.d/httpd (working copy) >@@ -281,10 +281,11 @@ > > CATALINA_PID=/var/run/[PKI_INSTANCE_ID].pid > export CATALINA_PID > touch $CATALINA_PID > chown $TOMCAT_USER:$TOMCAT_GROUP $CATALINA_PID >+ [ -x /sbin/restorecon ] && /sbin/restorecon $CATALINA_PID > > # Always initialize CLASSPATH to start looking > # in the local PKI classes directory . . . > CLASSPATH=/usr/share/[PKI_FLAVOR]/classes > >@@ -767,11 +768,15 @@ > # Relink tomcat jar repositories . . . > cd /var/lib/tomcat5/shared/lib > fi > > # daemon --user $TOMCAT_USER $TOMCAT_SCRIPT start >- su $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ if [ ${OS} = "SunOS" ] ; then >+ su $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ else >+ su -s /bin/bash $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ fi > > RETVAL=$? > [ $RETVAL = 0 ] && touch /var/lock/subsys/[PKI_INSTANCE_ID] > > if [ $RETVAL = 0 ] ; then >@@ -831,11 +836,15 @@ > if [ -f /var/lock/subsys/[PKI_INSTANCE_ID] ] ; then > CATALINA_PID=/var/run/[PKI_INSTANCE_ID].pid > export CATALINA_PID > > # daemon --user $TOMCAT_USER $TOMCAT_SCRIPT stop >- su $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ if [ ${OS} = "SunOS" ] ; then >+ su $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ else >+ su -s /bin/bash $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ fi > > RETVAL=$? > > if [ $RETVAL = 0 ]; then > count=0; >Index: ca/pki-ca.spec >=================================================================== >--- ca/pki-ca.spec (revision 226) >+++ ca/pki-ca.spec (working copy) >@@ -192,11 +192,11 @@ > %pre > if [ `grep -c pkiuser /etc/group` -eq 0 ] ; then > groupadd pkiuser > fi > if [ `grep -c pkiuser /etc/passwd` -eq 0 ] ; then >- useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /bin/bash -c "%{base_pki}" -m pkiuser >+ useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m pkiuser > fi > > %post > chmod 00755 %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall > %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall %{base_prefix} %{base_component} %{base_version} %{base_release} >Index: tks/shared/etc/init.d/httpd >=================================================================== >--- tks/shared/etc/init.d/httpd (revision 226) >+++ tks/shared/etc/init.d/httpd (working copy) >@@ -1,12 +1,25 @@ > #!/bin/bash > # > # --- BEGIN COPYRIGHT BLOCK --- >-# Copyright (C) 2006 Red Hat, Inc. >-# All rights reserved. >-# --- END COPYRIGHT BLOCK --- >+# This program is free software; you can redistribute it and/or modify >+# it under the terms of the GNU General Public License as published by >+# the Free Software Foundation; either version 2 of the License, or >+# (at your option) any later version. >+# >+# This program is distributed in the hope that it will be useful, >+# but WITHOUT ANY WARRANTY; without even the implied warranty of >+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+# GNU General Public License for more details. > # >+# You should have received a copy of the GNU General Public License along >+# with this program; if not, write to the Free Software Foundation, Inc., >+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. >+# >+# Copyright (C) 2007 Red Hat, Inc. >+# All rights reserved. >+# --- END COPYRIGHT BLOCK ### --- > # > # Startup script for Tomcat 5.0, the Apache Servlet Engine > # > # chkconfig: - 80 20 > # description: Tomcat 5.0 is the Apache Servlet Engine RI >@@ -268,10 +281,11 @@ > > CATALINA_PID=/var/run/[PKI_INSTANCE_ID].pid > export CATALINA_PID > touch $CATALINA_PID > chown $TOMCAT_USER:$TOMCAT_GROUP $CATALINA_PID >+ [ -x /sbin/restorecon ] && /sbin/restorecon $CATALINA_PID > > # Always initialize CLASSPATH to start looking > # in the local PKI classes directory . . . > CLASSPATH=/usr/share/[PKI_FLAVOR]/classes > >@@ -754,11 +768,15 @@ > # Relink tomcat jar repositories . . . > cd /var/lib/tomcat5/shared/lib > fi > > # daemon --user $TOMCAT_USER $TOMCAT_SCRIPT start >- su $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ if [ ${OS} = "SunOS" ] ; then >+ su $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ else >+ su -s /bin/bash $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ fi > > RETVAL=$? > [ $RETVAL = 0 ] && touch /var/lock/subsys/[PKI_INSTANCE_ID] > > if [ $RETVAL = 0 ] ; then >@@ -818,11 +836,15 @@ > if [ -f /var/lock/subsys/[PKI_INSTANCE_ID] ] ; then > CATALINA_PID=/var/run/[PKI_INSTANCE_ID].pid > export CATALINA_PID > > # daemon --user $TOMCAT_USER $TOMCAT_SCRIPT stop >- su $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ if [ ${OS} = "SunOS" ] ; then >+ su $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ else >+ su -s /bin/bash $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ fi > > RETVAL=$? > > if [ $RETVAL = 0 ]; then > count=0; >Index: tks/pki-tks.spec >=================================================================== >--- tks/pki-tks.spec (revision 226) >+++ tks/pki-tks.spec (working copy) >@@ -200,11 +200,11 @@ > %pre > if [ `grep -c pkiuser /etc/group` -eq 0 ] ; then > groupadd pkiuser > fi > if [ `grep -c pkiuser /etc/passwd` -eq 0 ] ; then >- useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /bin/bash -c "%{base_pki}" -m pkiuser >+ useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m pkiuser > fi > > %post > chmod 00755 %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall > %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall %{base_prefix} %{base_component} %{base_version} %{base_release} >Index: ra/pki-ra.spec >=================================================================== >--- ra/pki-ra.spec (revision 226) >+++ ra/pki-ra.spec (working copy) >@@ -186,11 +186,11 @@ > %pre > if [ `grep -c pkiuser /etc/group` -eq 0 ] ; then > groupadd pkiuser > fi > if [ `grep -c pkiuser /etc/passwd` -eq 0 ] ; then >- useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /bin/bash -c "%{base_pki}" -m pkiuser >+ useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m pkiuser > fi > > %post > chmod 00755 %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall > %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall %{base_prefix} %{base_component} %{base_version} %{base_release} >Index: ocsp/shared/etc/init.d/httpd >=================================================================== >--- ocsp/shared/etc/init.d/httpd (revision 226) >+++ ocsp/shared/etc/init.d/httpd (working copy) >@@ -1,12 +1,25 @@ > #!/bin/bash > # > # --- BEGIN COPYRIGHT BLOCK --- >-# Copyright (C) 2006 Red Hat, Inc. >-# All rights reserved. >-# --- END COPYRIGHT BLOCK --- >+# This program is free software; you can redistribute it and/or modify >+# it under the terms of the GNU General Public License as published by >+# the Free Software Foundation; either version 2 of the License, or >+# (at your option) any later version. >+# >+# This program is distributed in the hope that it will be useful, >+# but WITHOUT ANY WARRANTY; without even the implied warranty of >+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the >+# GNU General Public License for more details. > # >+# You should have received a copy of the GNU General Public License along >+# with this program; if not, write to the Free Software Foundation, Inc., >+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. >+# >+# Copyright (C) 2007 Red Hat, Inc. >+# All rights reserved. >+# --- END COPYRIGHT BLOCK ### --- > # > # Startup script for Tomcat 5.0, the Apache Servlet Engine > # > # chkconfig: - 80 20 > # description: Tomcat 5.0 is the Apache Servlet Engine RI >@@ -268,10 +281,11 @@ > > CATALINA_PID=/var/run/[PKI_INSTANCE_ID].pid > export CATALINA_PID > touch $CATALINA_PID > chown $TOMCAT_USER:$TOMCAT_GROUP $CATALINA_PID >+ [ -x /sbin/restorecon ] && /sbin/restorecon $CATALINA_PID > > # Always initialize CLASSPATH to start looking > # in the local PKI classes directory . . . > CLASSPATH=/usr/share/[PKI_FLAVOR]/classes > >@@ -754,11 +768,15 @@ > # Relink tomcat jar repositories . . . > cd /var/lib/tomcat5/shared/lib > fi > > # daemon --user $TOMCAT_USER $TOMCAT_SCRIPT start >- su $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ if [ ${OS} = "SunOS" ] ; then >+ su $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ else >+ su -s /bin/bash $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ fi > > RETVAL=$? > [ $RETVAL = 0 ] && touch /var/lock/subsys/[PKI_INSTANCE_ID] > > if [ $RETVAL = 0 ] ; then >@@ -818,11 +836,15 @@ > if [ -f /var/lock/subsys/[PKI_INSTANCE_ID] ] ; then > CATALINA_PID=/var/run/[PKI_INSTANCE_ID].pid > export CATALINA_PID > > # daemon --user $TOMCAT_USER $TOMCAT_SCRIPT stop >- su $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ if [ ${OS} = "SunOS" ] ; then >+ su $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ else >+ su -s /bin/bash $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ fi > > RETVAL=$? > > if [ $RETVAL = 0 ]; then > count=0; >Index: ocsp/pki-ocsp.spec >=================================================================== >--- ocsp/pki-ocsp.spec (revision 226) >+++ ocsp/pki-ocsp.spec (working copy) >@@ -207,11 +207,11 @@ > %pre > if [ `grep -c pkiuser /etc/group` -eq 0 ] ; then > groupadd pkiuser > fi > if [ `grep -c pkiuser /etc/passwd` -eq 0 ] ; then >- useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /bin/bash -c "%{base_pki}" -m pkiuser >+ useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m pkiuser > fi > > %post > chmod 00755 %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall > %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall %{base_prefix} %{base_component} %{base_version} %{base_release} >Index: tps/fpki-tps.spec >=================================================================== >--- tps/fpki-tps.spec (revision 226) >+++ tps/fpki-tps.spec (working copy) >@@ -375,11 +375,11 @@ > %pre > if [ `grep -c %{base_user} /etc/group` -eq 0 ] ; then > groupadd %{base_user} > fi > if [ `grep -c %{base_user} /etc/passwd` -eq 0 ] ; then >- useradd -g %{base_user} -d %{_datadir}/%{base_pki_dir} -s /bin/bash -c "%{base_pki}" -m %{base_user} >+ useradd -g %{base_user} -d %{_datadir}/%{base_pki_dir} -s /sbin/nologin -c "%{base_pki}" -m %{base_user} > fi > > > %post > chmod 00755 %{_datadir}/%{base_pki_dir}/%{base_component}/setup/postinstall >Index: kra/shared/etc/init.d/httpd >=================================================================== >--- kra/shared/etc/init.d/httpd (revision 226) >+++ kra/shared/etc/init.d/httpd (working copy) >@@ -281,10 +281,11 @@ > > CATALINA_PID=/var/run/[PKI_INSTANCE_ID].pid > export CATALINA_PID > touch $CATALINA_PID > chown $TOMCAT_USER:$TOMCAT_GROUP $CATALINA_PID >+ [ -x /sbin/restorecon ] && /sbin/restorecon $CATALINA_PID > > # Always initialize CLASSPATH to start looking > # in the local PKI classes directory . . . > CLASSPATH=/usr/share/[PKI_FLAVOR]/classes > >@@ -767,11 +768,15 @@ > # Relink tomcat jar repositories . . . > cd /var/lib/tomcat5/shared/lib > fi > > # daemon --user $TOMCAT_USER $TOMCAT_SCRIPT start >- su $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ if [ ${OS} = "SunOS" ] ; then >+ su $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ else >+ su -s /bin/bash $TOMCAT_USER -c "$TOMCAT_SCRIPT start" > /dev/null >+ fi > > RETVAL=$? > [ $RETVAL = 0 ] && touch /var/lock/subsys/[PKI_INSTANCE_ID] > > if [ $RETVAL = 0 ] ; then >@@ -831,11 +836,15 @@ > if [ -f /var/lock/subsys/[PKI_INSTANCE_ID] ] ; then > CATALINA_PID=/var/run/[PKI_INSTANCE_ID].pid > export CATALINA_PID > > # daemon --user $TOMCAT_USER $TOMCAT_SCRIPT stop >- su $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ if [ ${OS} = "SunOS" ] ; then >+ su $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ else >+ su -s /bin/bash $TOMCAT_USER -c "$TOMCAT_SCRIPT stop" > /dev/null >+ fi > > RETVAL=$? > > if [ $RETVAL = 0 ]; then > count=0; >Index: kra/pki-kra.spec >=================================================================== >--- kra/pki-kra.spec (revision 226) >+++ kra/pki-kra.spec (working copy) >@@ -198,11 +198,11 @@ > %pre > if [ `grep -c pkiuser /etc/group` -eq 0 ] ; then > groupadd pkiuser > fi > if [ `grep -c pkiuser /etc/passwd` -eq 0 ] ; then >- useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /bin/bash -c "%{base_pki}" -m pkiuser >+ useradd -g pkiuser -d %{_datadir}/%{base_prefix} -s /sbin/nologin -c "%{base_pki}" -m pkiuser > fi > > %post > chmod 00755 %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall > %{_datadir}/%{base_prefix}/%{base_component}/setup/postinstall %{base_prefix} %{base_component} %{base_version} %{base_release}
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=155754">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 237727
:
155753
| 155754 |
323844
|
323850
|
323959
|
324086
|
324542
|
324544