andykimpe / rpms / 389-ds-base

Forked from rpms/389-ds-base 5 months ago
Clone
Source Code
GIT

Blame 0360-Ticket-48305-perl-module-conditional-test-is-not-con.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-armhfp c7-beta c8-beta-stream-1.4 c8-stream-1.4 c8s-stream-1.4 c8s-stream-ds c9 c9-beta
  1.   c6
  2.   0360-Ticket-48305-perl-module-conditional-test-is-not-con.patch
Blob History Raw
dc8c34 
From 856297fa7f6bfbaeebebef05c9f9f06462a8533a Mon Sep 17 00:00:00 2001
dc8c34 
From: Noriko Hosoi <nhosoi@redhat.com>
dc8c34 
Date: Thu, 8 Oct 2015 11:43:36 -0700
dc8c34 
Subject: [PATCH 360/363] Ticket #48305 - perl module conditional test is not
dc8c34 
 conditional when checking SELinux policies
dc8c34
dc8c34 
Description: If sestatus reports SELinux is disabled, SELinux commands
dc8c34 
such as semanage and restorecon fail.  This patch checks the availability
dc8c34 
and only if the status says SELinux is enabled, it calls the SELinux
dc8c34 
commands.
dc8c34
dc8c34 
https://fedorahosted.org/389/ticket/48305
dc8c34
dc8c34 
Reviewed by mreynolds@redhat.com (Thank you, Mark!!)
dc8c34
dc8c34 
(cherry picked from commit 9fefc13c02c9ae037fad053152193794706aaa31)
dc8c34 
(cherry picked from commit 2a05a3a75ce082a28375cb2f687739d7474164a1)
dc8c34 
(cherry picked from commit b20756b735cf62763822ba93d892608e7a715b18)
dc8c34 
(cherry picked from commit 72a638098626bb84d9c7f2c233c1231d3b539f27)
dc8c34 
---
dc8c34 
 ldap/admin/src/scripts/DSCreate.pm.in | 8 ++++++--
dc8c34 
 1 file changed, 6 insertions(+), 2 deletions(-)
dc8c34
dc8c34 
diff --git a/ldap/admin/src/scripts/DSCreate.pm.in b/ldap/admin/src/scripts/DSCreate.pm.in
dc8c34 
index 30de40e..76d2e88 100644
dc8c34 
--- a/ldap/admin/src/scripts/DSCreate.pm.in
dc8c34 
+++ b/ldap/admin/src/scripts/DSCreate.pm.in
dc8c34 
@@ -969,9 +969,11 @@ sub setDefaults {
dc8c34
dc8c34 
 sub updateSelinuxPolicy {
dc8c34 
     my $inf = shift;
dc8c34 
+    my $mydevnull = (-f "/dev/null" ? " /dev/null " : " NUL ");
dc8c34
dc8c34 
     # if selinux is not available, do nothing
dc8c34 
-    if ("@with_selinux@") {
dc8c34 
+    if ("@with_selinux@" and
dc8c34 
+        -f "@sbindir@/sestatus" and !system ("@sbindir@/sestatus | egrep -i \"selinux status:\\s*enabled\" > $mydevnull 2>&1")) {
dc8c34 
         my $localstatedir = $inf->{slapd}->{localstatedir};
dc8c34
dc8c34 
         # run restorecon on all of the parent directories we
dc8c34 
@@ -1375,7 +1377,9 @@ sub removeDSInstance {
dc8c34 
     }
dc8c34
dc8c34 
     # remove the selinux label from the ports if needed
dc8c34 
-    if ("@with_selinux@") {
dc8c34 
+    my $mydevnull = (-f "/dev/null" ? " /dev/null " : " NUL ");
dc8c34 
+    if ("@with_selinux@" and
dc8c34 
+        -f "@sbindir@/sestatus" and !system ("@sbindir@/sestatus | egrep -i \"selinux status:\\s*enabled\" > $mydevnull 2>&1")) {
dc8c34 
         foreach my $port (@{$entry->{"nsslapd-port"}})
dc8c34 
         {
dc8c34 
             my $semanage_err = `semanage port -d -t ldap_port_t -p tcp $port 2>&1;;
dc8c34 
--
dc8c34 
2.4.3
dc8c34

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation