Home Explore Help
Register Sign In
Apq
/
389-ds-base
mirror of https://github.com/389ds/389-ds-base.git
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

Ticket 49814 - dscreate should handle selinux ports that are in a range

Description:  If the server port is within a selinux policy range do not
              try to add or remove the port as it will cause a failure
              during removal (even though the removal actually worked)

https://pagure.io/389-ds-base/issue/49814

Reviewed by: spichugi(Thanks!)
Mark Reynolds 7 years ago
parent
70bdd335d1
commit
5d611f1cd9
1 changed files with 5 additions and 0 deletions
Split View Show Diff Stats
  1. 5 0
      src/lib389/lib389/utils.py

+ 5 - 0
src/lib389/lib389/utils.py
View File 

@@ -198,6 +198,11 @@ def selinux_label_port(port, remove_label=False):
 
     for policy in policies:
 
         if "ldap_port_t" == policy['type']:
 
             label_set = True  # Port already has our label
 
+            if policy['low'] != policy['high']:
 
+                # We have a range
 
+                if port in range(policy['low'], policy['high'] + 1):
 
+                    # The port is within the range, just return
 
+                    return
 
             break
 
         else:
 
             # Port belongs to someone else (bad)