projects
/
cascardo
/
ipsilon.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
set SELinux boolean httpd_can_connect_ldap when install infolap and authldap
[cascardo/ipsilon.git]
/
ipsilon
/
login
/
authldap.py
diff --git
a/ipsilon/login/authldap.py
b/ipsilon/login/authldap.py
index
f383003
..
1f6c3dc
100644
(file)
--- a/
ipsilon/login/authldap.py
+++ b/
ipsilon/login/authldap.py
@@
-7,6
+7,7
@@
from ipsilon.util.log import Log
from ipsilon.util import config as pconfig
from ipsilon.info.infoldap import InfoProvider as LDAPInfo
import ldap
from ipsilon.util import config as pconfig
from ipsilon.info.infoldap import InfoProvider as LDAPInfo
import ldap
+import subprocess
class LDAP(LoginFormBase, Log):
class LDAP(LoginFormBase, Log):
@@
-201,3
+202,11
@@
class Installer(LoginManagerInstaller):
# Update global config to add login plugin
po.is_enabled = True
po.save_enabled_state()
# Update global config to add login plugin
po.is_enabled = True
po.save_enabled_state()
+
+ # For selinux enabled platforms permit httpd to connect to ldap,
+ # ignore if it fails
+ try:
+ subprocess.call(['/usr/sbin/setsebool', '-P',
+ 'httpd_can_connect_ldap=on'])
+ except Exception: # pylint: disable=broad-except
+ pass