On Thu, 2009-09-10 at 10:20 -0400, Rob Crittenden wrote: > Rob Crittenden wrote: > > The management framework wasn't working with SELinux over ldapi because > > it lacked permission to access the unix socket. This patch grants > > permission. > > > > Probably easier to review with the patch attached.
The patch was attached :-) One question comes to mind though, you are giving access to any socket labeled initrc_t (if my selinux policy reading skills are good enough, which may not be). Shouldn't we discuss with the DS team to have a more specific label for this socket ? Simo. -- Simo Sorce * Red Hat, Inc * New York _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel
