Bug 700505 - pki tomcat6 instances currently running unconfined
Summary: pki tomcat6 instances currently running unconfined
Keywords:
Status: MODIFIED
Alias: None
Product: Dogtag Certificate System
Classification: Retired
Component: SELinux
Version: 9.0
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Ade Lee
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks: 530474 700522 732064 732084
TreeView+ depends on / blocked
 
Reported: 2011-04-28 14:46 UTC by Ade Lee
Modified: 2015-01-05 00:25 UTC (History)
5 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
: 700522 (view as bug list)
Environment:
Last Closed:

Attachments (Terms of Use)
patch to fix (9.48 KB, patch)
2011-08-09 15:40 UTC, Ade Lee 		mharmsen: review+
Details | Diff
patch to make sure server comes up when selinux disabled (838 bytes, patch)
2011-08-15 20:32 UTC, Ade Lee 		awnuk: review+
Details | Diff
Add an attachment (proposed patch, testcase, etc.)

Description Ade Lee 2011-04-28 14:46:21 UTC 
Description of problem:

Due to changes in the startup scripts, pki tomcat6 instances (on tip and on ipa branch) currently run unconfined.  That is, the pki selinux policy is present but is not being used.


Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 3 Ade Lee 2011-08-09 15:40:23 UTC 
Created attachment 517433 [details]
patch to fix
Comment 4 Ade Lee 2011-08-09 17:26:48 UTC 
tip: 

[vakwetu@dhcp231-121 base]$ svn ci -m "Resolves #700505 - pki tomcat6 instances currently running unconfined"
Sending        base/common/scripts/functions
Sending        base/selinux/src/pki.fc
Sending        base/selinux/src/pki.if
Sending        base/selinux/src/pki.te
Transmitting file data ....
Committed revision 2127.
Comment 5 Ade Lee 2011-08-15 20:32:11 UTC 
Created attachment 518327 [details]
patch  to make sure server comes up when selinux disabled
Comment 6 Ade Lee 2011-08-15 20:47:46 UTC 
tip:

[vakwetu@dhcp231-121 base]$ svn ci -m "Resolves #700522 - pki tomcat6 instances currently running unconfined, allow server to come up when selinux disabled"
Sending        base/common/scripts/functions
Transmitting file data .
Committed revision 2146.
Note You need to log in before you can comment on or make changes to this bug.