freeipa

Clone
Source Code
GIT

#4678 ipa-server-install --uninstall Could not set SELinux booleans for httpd
Closed: Fixed None Opened 9 years ago by pvoborni.

Closed: Fixed
Reopen Issue

Ticket was cloned from Red Hat Bugzilla (product Red Hat Enterprise Linux 7): Bug 1159330

ipa-server-install incorrectly calls setsebool with None as an option value. Producing:

WARNING: Could not set SELinux booleans: httpd_can_network_connect=None httpd_manage_ipa=None

or

WARNING: Could not set SELinux booleans: samba_portmapper=None

Initial investigation suggests that c7d6fea removes 'if restored state is None' check. 

- sebool_state = self.restore_state(var)
- if not sebool_state is None:

Reproduction:

  • for httpd_*: call {{{ipa-server-install --uninstall -U}}} twice in a row,
  • samba_portmapper case was seen in first --uninstall call on Fedora

FreeIPA 4.1.1 was released.

Ticket is requested by a downstream RHEL release, bumping priority.

patch posted for review by pviktori(patch 673)

master:

  • a14ce85 Do not restore SELinux settings that were not backed up

ipa-4-1:

  • 1d7407c Do not restore SELinux settings that were not backed up

Metadata Update from @pvoborni:
- Issue assigned to pviktori
- Issue set to the milestone: FreeIPA 4.1.2
7 years ago

Login to comment on this ticket.

Metadata
None
None
None
important
None
None
None
None
defect
None
None
Installation
None
1
None
None
pvoborni
None
https://bugzilla.redhat.com/show_bug.cgi?id=1159330
None
None
None
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.