Description of problem: Selinux changes are needed for cloning Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Created attachment 330140 [details] patch with selinux changes
Created attachment 330173 [details] patch v2 Patch with changes for this bug 1. add new selinux rules 2. require user to put master pk12 file in /var/lib/pki-ca/alias, change to UI and to common to read from that location. This allows us not to require a new selinux rule for the file location. Also, changes for bug 482761 1. add changes to allow signed_audit cert to be imported correctly cfu or awnuk, please review
+cfu ***reviewed p12 and signed audit changes only***
[builder@dhcp231-124 pki]$ svn ci -m "Bugzilla BZ# 482738: selinux changes for cloning" Sending base/common/src/com/netscape/cms/servlet/csadmin/RestoreKeyCertPanel.java Sending base/common/src/com/netscape/cms/servlet/csadmin/WizardPanelBase.java Sending base/selinux/src/pki.fc Sending base/selinux/src/pki.if Sending base/selinux/src/pki.te Sending dogtag/common/pki-common.spec Sending dogtag/common-ui/dogtag-pki-common-ui.spec Sending dogtag/common-ui/shared/admin/console/config/restorekeycertpanel.vm Sending dogtag/selinux/pki-selinux.spec Transmitting file data ......... Committed revision 199. [builder@oliver redhat]$ svn ci -m "Bugzilla BZ#482738: selinux changes for cloning" Sending common-ui/redhat-pki-common-ui.el4sol9.spec Sending common-ui/redhat-pki-common-ui.spec Sending common-ui/shared/admin/console/config/restorekeycertpanel.vm Transmitting file data ... Committed revision 15406.