|
|
@@ -1011,10 +1011,11 @@ sub updateSelinuxPolicy {
|
|
|
if ($need_label == 1) {
|
|
|
my $semanage_err;
|
|
|
my $rc;
|
|
|
- my $retry = 60;
|
|
|
+ # 60 is a bit excessive, we should fail faster.
|
|
|
+ my $retry = 5;
|
|
|
$ENV{LANG} = "C";
|
|
|
while (($retry > 0) && ($semanage_err = `semanage port -a -t ldap_port_t -p tcp $inf->{slapd}->{ServerPort} 2>&1`) && ($rc = $?)) {
|
|
|
- debug(1, "Adding port $inf->{slapd}->{ServerPort} to selinux policy failed - $semanage_err (return code: $rc).\n");
|
|
|
+ debug(1, "Adding port $inf->{slapd}->{ServerPort} to selinux policy failed - $semanage_err (return code: $rc, $retry attempts remain).\n");
|
|
|
debug(1, "Retrying in 5 seconds\n");
|
|
|
sleep(5);
|
|
|
$retry--;
|
|
|
@@ -1413,13 +1414,13 @@ sub removeDSInstance {
|
|
|
{
|
|
|
my $semanage_err;
|
|
|
my $rc;
|
|
|
- my $retry = 60;
|
|
|
+ my $retry = 5;
|
|
|
$ENV{LANG} = "C";
|
|
|
while (($retry > 0) && ($semanage_err = `semanage port -d -t ldap_port_t -p tcp $port 2>&1`) && ($rc = $?)) {
|
|
|
if (($semanage_err =~ /defined in policy, cannot be deleted/) || ($semanage_err =~ /is not defined/)) {
|
|
|
$retry = -1;
|
|
|
} else {
|
|
|
- debug(1, "Warning: Port $port not removed from selinux policy correctly. Error: $semanage_err\n");
|
|
|
+ debug(1, "Warning: Port $port not removed from selinux policy correctly, $retry attempts remain. Error: $semanage_err\n");
|
|
|
debug(1, "Retrying in 5 seconds\n");
|
|
|
sleep(5);
|
|
|
$retry--;
|
William Brown