[Kimchi-devel] [PATCH] Github #329: Packaging - Update Fedora spec file to address SELinux
Aline Manera
alinefm at linux.vnet.ibm.com
Tue Apr 22 14:44:02 UTC 2014
Reviewed-by: Aline Manera <alinefm at linux.vnet.ibm.com>
I will apply it to wip branch and continue the tests there.
On 04/17/2014 05:51 PM, Paulo Vital wrote:
> Signed-off-by: Paulo Vital <pvital at linux.vnet.ibm.com>
> ---
> contrib/kimchi.spec.fedora.in | 4 ++++
> 1 file changed, 4 insertions(+)
>
> diff --git a/contrib/kimchi.spec.fedora.in b/contrib/kimchi.spec.fedora.in
> index 77bf6bf..185f0ff 100644
> --- a/contrib/kimchi.spec.fedora.in
> +++ b/contrib/kimchi.spec.fedora.in
> @@ -105,6 +105,8 @@ iptables -I INPUT -p tcp --dport 8001 -j ACCEPT
> iptables -I INPUT -p tcp --dport 64667 -j ACCEPT
> service iptables save >/dev/null 2>&1
> %endif
> +# Add SELinux rules to "open" Kimchi ports
> +semanage permissive -a httpd_t
>
> %preun
>
> @@ -129,6 +131,8 @@ if [ "$1" -ge 1 ] ; then
> /bin/systemctl try-restart kimchid.service >/dev/null 2>&1 || :
> fi
> exit 0
> +# Rollback SELinux rules
> +semanage permissive -d httpd_t
>
>
> %clean
More information about the Kimchi-devel
mailing list