Signed-off-by: Paulo Vital <pvital(a)linux.vnet.ibm.com>
---
contrib/kimchi.spec.fedora.in | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/contrib/kimchi.spec.fedora.in b/contrib/kimchi.spec.fedora.in
index 77bf6bf..185f0ff 100644
--- a/contrib/kimchi.spec.fedora.in
+++ b/contrib/kimchi.spec.fedora.in
@@ -105,6 +105,8 @@ iptables -I INPUT -p tcp --dport 8001 -j ACCEPT
iptables -I INPUT -p tcp --dport 64667 -j ACCEPT
service iptables save >/dev/null 2>&1
%endif
+# Add SELinux rules to "open" Kimchi ports
+semanage permissive -a httpd_t
%preun
@@ -129,6 +131,8 @@ if [ "$1" -ge 1 ] ; then
/bin/systemctl try-restart kimchid.service >/dev/null 2>&1 || :
fi
exit 0
+# Rollback SELinux rules
+semanage permissive -d httpd_t
%clean
--
1.8.3.1