[Kimchi-devel] [PATCH] Github #329: Packaging - Update Fedora spec file to address SELinux

Tue Apr 22 14:44:02 UTC 2014

Reviewed-by: Aline Manera <alinefm at linux.vnet.ibm.com>

I will apply it to wip branch and continue the tests there.

On 04/17/2014 05:51 PM, Paulo Vital wrote:
> Signed-off-by: Paulo Vital <pvital at linux.vnet.ibm.com>
> ---
>   contrib/kimchi.spec.fedora.in | 4 ++++
>   1 file changed, 4 insertions(+)
>
> diff --git a/contrib/kimchi.spec.fedora.in b/contrib/kimchi.spec.fedora.in
> index 77bf6bf..185f0ff 100644
> --- a/contrib/kimchi.spec.fedora.in
> +++ b/contrib/kimchi.spec.fedora.in
> @@ -105,6 +105,8 @@ iptables -I INPUT -p tcp --dport 8001 -j ACCEPT
>   iptables -I INPUT -p tcp --dport 64667 -j ACCEPT
>   service iptables save >/dev/null 2>&1
>   %endif
> +# Add SELinux rules to "open" Kimchi ports
> +semanage permissive -a httpd_t
>
>   %preun
>
> @@ -129,6 +131,8 @@ if [ "$1" -ge 1 ] ; then
>       /bin/systemctl try-restart kimchid.service >/dev/null 2>&1 || :
>   fi
>   exit 0
> +# Rollback SELinux rules
> +semanage permissive -d httpd_t
>
>
>   %clean