diff mbox

[4/4] PyFedFs: SELinux prevents slapd from starting

Message ID 20140422215231.29534.35494.stgit@seurat.1015granger.net
State Accepted
Headers show

Commit Message

Chuck Lever April 22, 2014, 9:52 p.m. UTC 
Set an appropriate security context on /var/lib/fedfs/nsdb-db so
that SELinux will allow slapd to run using datafiles in that
directory.

Signed-off-by: Chuck Lever <chuck.lever@oracle.com>
---
 src/PyFedfs/jumpstart/slapd.py |    5 +++++
 1 file changed, 5 insertions(+)
diff mbox

Patch

diff --git a/src/PyFedfs/jumpstart/slapd.py b/src/PyFedfs/jumpstart/slapd.py
index 58ea670..eef7a4f 100644
--- a/src/PyFedfs/jumpstart/slapd.py
+++ b/src/PyFedfs/jumpstart/slapd.py
@@ -35,6 +35,7 @@  from subprocess import Popen, PIPE
 try:
     from PyFedfs.run import EXIT_SUCCESS, EXIT_FAILURE
     from PyFedfs.run import run_as_user, restart_service
+    from PyFedfs.run import run_command
 except ImportError:
     print >> sys.stderr, \
         'Could not import a required Python module:', sys.exc_value
@@ -321,6 +322,10 @@  def replace_slapd_database(pathname):
     if ret != EXIT_SUCCESS:
         return ret
 
+    ret = run_command(['chcon', 'system_u:object_r:slapd_db_t:s0', pathname])
+    if ret != EXIT_SUCCESS:
+        return ret
+
     try:
         dbconfig = os.open(os.path.join(pathname, 'DB_CONFIG'),
                            os.O_CREAT | os.O_EXCL | os.O_WRONLY, 0444)