wrappers/initscript.in | 3 +++
1 file changed, 3 insertions(+)
New commits:
commit 7e277bf2171fb05722742abc867361e2be5b8776
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Thu Apr 18 09:52:50 2013 -0700
Ticket #47333 - Relabel lockfile when starting Admin Server
On a non-systemd system, our init script creates a lockfile. This
lockfile gets a generic var_lock_t label, which causes problems
when we try to restart Admin Server via CGI. Our CGIs are not
allowed to remove the old lockfile due to the SELinux policy.
We do have a fcontext rule for this lock file, but we need to
explicitly perform a relabel since the file is created by our
init script. This patch relabels the lockfile immediately after
creation, which then allows our CGIs to properly manage it later.
diff --git a/wrappers/initscript.in b/wrappers/initscript.in
index 82dd20e..51419f5 100644
--- a/wrappers/initscript.in
+++ b/wrappers/initscript.in
@@ -164,6 +164,9 @@ start() {
fi
fi
[ $RETVAL -eq 0 -a -d /var/lock/subsys ] && touch $lockfile
+ if [ -f $lockfile ]; then
+ restorecon $lockfile
+ fi
}
stop() {
Show replies by thread