URL: https://github.com/freeipa/freeipa/pull/742 Author: martbab Title: #742: Revert "Store GSSAPI session key in /var/run/ipa" Action: synchronized
To pull the PR as Git branch: git remote add ghfreeipa https://github.com/freeipa/freeipa git fetch ghfreeipa pull/742/head:pr742 git checkout pr742
From 8237625e3c8843e9fc04d159a8e50795fa6fb52f Mon Sep 17 00:00:00 2001 From: Martin Babinsky <mbabi...@redhat.com> Date: Thu, 27 Apr 2017 14:36:01 +0200 Subject: [PATCH] Revert "Store GSSAPI session key in /var/run/ipa" This reverts commit 2bab2d4963daa99742875f3633a99966bc56f5a3. It was pointed out that apache has no access to /var/lib/ipa directory breaking the session handling. https://pagure.io/freeipa/issue/6880 --- install/conf/ipa.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/install/conf/ipa.conf b/install/conf/ipa.conf index 56c8995..75c122e 100644 --- a/install/conf/ipa.conf +++ b/install/conf/ipa.conf @@ -1,5 +1,5 @@ # -# VERSION 26 - DO NOT REMOVE THIS LINE +# VERSION 25 - DO NOT REMOVE THIS LINE # # This file may be overwritten on upgrades. # @@ -78,7 +78,7 @@ WSGIScriptReloading Off SessionCookieName ipa_session path=/ipa;httponly;secure; SessionHeader IPASESSION SessionMaxAge 1800 - GssapiSessionKey file:/var/run/ipa/session.key + GssapiSessionKey file:/etc/httpd/alias/ipasession.key GssapiImpersonate On GssapiDelegCcacheDir /var/run/ipa/ccaches @@ -127,7 +127,7 @@ Alias /ipa/session/cookie "/usr/share/ipa/gssapi.login" SessionCookieName ipa_session path=/ipa;httponly;secure; SessionHeader IPASESSION SessionMaxAge 1800 - GssapiSessionKey file:/var/run/ipa/session.key + GssapiSessionKey file:/etc/httpd/alias/ipasession.key Header unset Set-Cookie </Location>
-- Manage your subscription for the Freeipa-devel mailing list: https://www.redhat.com/mailman/listinfo/freeipa-devel Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code