projects / cascardo / ipsilon.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
set SELinux boolean httpd_can_connect_ldap when install infolap and authldap
[cascardo/ipsilon.git] / ipsilon / login / authldap.py
diff --git a/ipsilon/login/authldap.py b/ipsilon/login/authldap.py
index f383003..1f6c3dc 100644 (file)
--- a/ipsilon/login/authldap.py
+++ b/ipsilon/login/authldap.py
@@ -7,6 +7,7 @@ from ipsilon.util.log import Log
 from ipsilon.util import config as pconfig
 from ipsilon.info.infoldap import InfoProvider as LDAPInfo
 import ldap
 from ipsilon.util import config as pconfig
 from ipsilon.info.infoldap import InfoProvider as LDAPInfo
 import ldap
+import subprocess
 
 
 class LDAP(LoginFormBase, Log):
 
 
 class LDAP(LoginFormBase, Log):
@@ -201,3 +202,11 @@ class Installer(LoginManagerInstaller):
         # Update global config to add login plugin
         po.is_enabled = True
         po.save_enabled_state()
         # Update global config to add login plugin
         po.is_enabled = True
         po.save_enabled_state()
+
+        # For selinux enabled platforms permit httpd to connect to ldap,
+        # ignore if it fails
+        try:
+            subprocess.call(['/usr/sbin/setsebool', '-P',
+                             'httpd_can_connect_ldap=on'])
+        except Exception:  # pylint: disable=broad-except
+            pass
Unnamed repository; edit this file 'description' to name the repository.