Bug 484826
| Summary: | selinux policy required for TPS and RA subsystems | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Retired] Dogtag Certificate System | Reporter: | Ade Lee <alee> | ||||||
| Component: | SELinux | Assignee: | Ade Lee <alee> | ||||||
| Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> | ||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | high | ||||||||
| Version: | unspecified | CC: | awnuk, benl, cfu, dlackey, jgalipea, jmagne, mharmsen | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2009-07-22 23:32:15 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 443788 | ||||||||
| Attachments: |
|
||||||||
|
Description
Ade Lee
2009-02-10 04:58:35 UTC
Created attachment 331397 [details]
patch to fix
mharmsen, please review
Created attachment 331599 [details]
patch to fix native-tools
As pointed out by mharmsen, slightly different sed line needed in native tools.
mharmsen, please review.
attachment (id=331397) attachment (id=331599) +mharmsen * you will also need to update the native-tools, selinux, ra, and tps release numbers and changelogs in their associated dogtag spec files with this bug; no need to make extra attachments [builder@dhcp231-124 dogtag]$ svn ci -m "Bugzilla 484826" selinux tps ra native-tools Sending native-tools/pki-native-tools.spec Sending ra/pki-ra.spec Sending selinux/pki-selinux.spec Sending tps/pki-tps.spec Transmitting file data .... Committed revision 223. [builder@oliver base]$ svn ci -m "Bugzilla 464826" Sending native-tools/setup_package Sending ra/etc/init.d/httpd Sending selinux/src/pki.if Sending selinux/src/pki.te Sending tps/etc/init.d/httpd Transmitting file data ..... Committed revision 222. [root@qe-blade-11 tmp]# ps -eZ | grep pki root:system_r:pki_tps_t 9755 ? 00:00:00 nss_pcache root:system_r:pki_tps_t 9764 ? 00:00:00 nss_pcache root:system_r:pki_tps_t 9777 ? 6-20:23:28 httpd.worker root:system_r:pki_tps_t 15537 ? 00:00:00 nss_pcache root:system_r:pki_tps_t 15546 ? 00:00:00 nss_pcache root:system_r:pki_tps_t 15559 ? 1-02:34:32 httpd.worker root:system_r:pki_ca_t 17381 ? 00:00:09 java root:system_r:pki_kra_t 18570 ? 00:00:03 java root:system_r:pki_ocsp_t 19589 ? 00:00:03 java root:system_r:pki_tks_t 20590 ? 00:00:03 java root:system_r:pki_tps_t 21489 ? 00:00:00 nss_pcache root:system_r:pki_tps_t 21498 ? 00:00:00 nss_pcache root:system_r:pki_tps_t 21511 ? 19:26:40 httpd.worker root:system_r:pki_ra_t 22126 pts/0 00:00:00 nss_pcache root:system_r:pki_ra_t 22135 pts/0 00:00:00 nss_pcache root:system_r:pki_ra_t 22136 ? 00:00:00 httpd.worker root:system_r:pki_ra_t 22148 ? 00:00:00 httpd.worker root:system_r:pki_tps_t 24806 pts/0 00:00:00 nss_pcache root:system_r:pki_tps_t 24815 pts/0 00:00:00 nss_pcache root:system_r:pki_tps_t 24816 ? 00:00:00 httpd.worker root:system_r:pki_tps_t 24828 ? 00:00:00 httpd.worker root:system_r:pki_ca_t 27665 ? 00:00:05 java processes not running unconfined, no selinux messages on install and configuration of any subsystem Verified |