Bug 482738

Summary: selinux changes need for cloning
Product: [Retired] Dogtag Certificate System Reporter: Ade Lee <alee>
Component: CloningAssignee: Ade Lee <alee>
Status: CLOSED ERRATA QA Contact: Chandrasekar Kannan <ckannan>
Severity: medium Docs Contact:
Priority: medium    
Version: unspecifiedCC: awnuk, benl, cfu
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2009-07-22 23:31:37 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 443788    
Attachments:
Description Flags
patch with selinux changes
none
patch v2 none

Description Ade Lee 2009-01-27 19:46:33 UTC 
Description of problem:

Selinux changes are needed for cloning 

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Ade Lee 2009-01-27 19:48:14 UTC 
Created attachment 330140 [details]
patch with selinux changes
Comment 2 Ade Lee 2009-01-27 23:13:00 UTC 
Created attachment 330173 [details]
patch v2

Patch with changes for this bug
1. add new selinux rules 
2. require user to put master pk12 file in /var/lib/pki-ca/alias, change to UI and
   to common to read from that location.  This allows us not to require a new 
   selinux rule for the file location.

Also, changes for bug 482761
1. add changes to allow signed_audit cert to be imported correctly

cfu or awnuk, please review
Comment 4 Christina Fu 2009-01-28 15:44:42 UTC 
+cfu   ***reviewed p12 and signed audit changes only***
Comment 5 Ade Lee 2009-01-28 16:08:36 UTC 
[builder@dhcp231-124 pki]$ svn ci -m "Bugzilla BZ# 482738: selinux changes for cloning" 
Sending        base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java
Sending        base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java
Sending        base/selinux/src/pki.fc
Sending        base/selinux/src/pki.if
Sending        base/selinux/src/pki.te
Sending        dogtag/common/pki-common.spec
Sending        dogtag/common-ui/dogtag-pki-common-ui.spec
Sending        dogtag/common-ui/shared/admin/console/config/restorekeycertpanel.vm
Sending        dogtag/selinux/pki-selinux.spec
Transmitting file data .........
Committed revision 199.

[builder@oliver redhat]$ svn ci -m "Bugzilla BZ#482738: selinux changes for cloning"
Sending        common-ui/redhat-pki-common-ui.el4sol9.spec
Sending        common-ui/redhat-pki-common-ui.spec
Sending        common-ui/shared/admin/console/config/restorekeycertpanel.vm
Transmitting file data ...
Committed revision 15406.