Learn more about these different git repos.
Other Git URLs
Currently the IPA backend writes out the login file containing the SELinux login string directly to /etc/selinux/targeted/logins. It might help to improve the audit trail if we used libsemanage instead.
/etc/selinux/targeted/logins
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=1113784 (Red Hat Enterprise Linux 7)
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=1113784 1113784]
After a bit more discussion, it was decided that we only need to audit that the file had changed at all, not who changed it.
The move to libsemanage is not viable, libsemanage doesn't have any facility to operate the flat files.
summary: SELinux: Use libsemanage instead of writing the SELinux file directly => SELinux: Audit changes to the SELinux label files
Fields changed
milestone: NEEDS_TRIAGE => SSSD 1.12.1 priority: major => minor
owner: somebody => mzidek
Mass-moving all tickets that didn't make 1.12.1 into 1.12.2
milestone: SSSD 1.12.1 => SSSD 1.12.2
patch: 0 => 1
We need to do a release as requested by downstream. Moving tickets that are not fixed already or very close to acking to 1.12.3
milestone: SSSD 1.12.2 => SSSD 1.12.3
mark: => 0 resolution: => fixed status: new => closed
Metadata Update from @jhrozek: - Issue assigned to mzidek - Issue set to the milestone: SSSD 1.12.3
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/3414
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.