You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When you start Admin Server from the command line on a non-systemd system (like el6), our init script (/etc/init.d/dirsrv-admin) creates the lock file by doing this:
touch /var/lock/subsys/dirsrv-admin
This file is created with a label of var_lock_t, which causes AVCs when you
issue a restart from Console. This happens because the label is incorrect. If
I make our init script do a restorecon immediately after creating the lockfile,
it gets relabeled properly as dirsrv_var_lock_t. I am then able to restart
Admin Server from Console sucessfully.
This is the change that is needed to the 389-admin code:
diff --git a/wrappers/initscript.in b/wrappers/initscript.in
index 82dd20e..51419f5 100644
--- a/wrappers/initscript.in
+++ b/wrappers/initscript.in
@@ -164,6 +164,9 @@ start() {
fi
fi
[ $RETVAL -eq 0 -a -d /var/lock/subsys ] && touch $lockfile
if [ -f $lockfile ]; then
restorecon $lockfile
fi
}
The text was updated successfully, but these errors were encountered:
Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/47333
When you start Admin Server from the command line on a non-systemd system (like el6), our init script (/etc/init.d/dirsrv-admin) creates the lock file by doing this:
touch /var/lock/subsys/dirsrv-admin
This file is created with a label of var_lock_t, which causes AVCs when you
issue a restart from Console. This happens because the label is incorrect. If
I make our init script do a restorecon immediately after creating the lockfile,
it gets relabeled properly as dirsrv_var_lock_t. I am then able to restart
Admin Server from Console sucessfully.
This is the change that is needed to the 389-admin code:
diff --git a/wrappers/initscript.in b/wrappers/initscript.in
index 82dd20e..51419f5 100644
--- a/wrappers/initscript.in
+++ b/wrappers/initscript.in
@@ -164,6 +164,9 @@ start() {
fi
fi
[ $RETVAL -eq 0 -a -d /var/lock/subsys ] && touch $lockfile
}
The text was updated successfully, but these errors were encountered: