On Thu, 2009-09-10 at 10:20 -0400, Rob Crittenden wrote:
> Rob Crittenden wrote:
> > The management framework wasn't working with SELinux over ldapi because
> > it lacked permission to access the unix socket. This patch grants
> > permission.
> Probably easier to review with the patch attached.
The patch was attached :-)
One question comes to mind though, you are giving access to any socket
labeled initrc_t (if my selinux policy reading skills are good enough,
which may not be).
Shouldn't we discuss with the DS team to have a more specific label for
this socket ?
Simo Sorce * Red Hat, Inc * New York
Freeipa-devel mailing list