Signed-off-by: John Dennis <jdennis@redhat.com>
Reviewed-by: Patrick Uiterwijk <puiterwijk@redhat.com>
from ipsilon.util.policy import Policy
from ipsilon.util import config as pconfig
import ldap
from ipsilon.util.policy import Policy
from ipsilon.util import config as pconfig
import ldap
# TODO: fetch mapping from configuration
# TODO: fetch mapping from configuration
# Update global config to add info plugin
po.is_enabled = True
po.save_enabled_state()
# Update global config to add info plugin
po.is_enabled = True
po.save_enabled_state()
+
+ # For selinux enabled platforms permit httpd to connect to ldap,
+ # ignore if it fails
+ try:
+ subprocess.call(['/usr/sbin/setsebool', '-P',
+ 'httpd_can_connect_ldap=on'])
+ except Exception: # pylint: disable=broad-except
+ pass
from ipsilon.util import config as pconfig
from ipsilon.info.infoldap import InfoProvider as LDAPInfo
import ldap
from ipsilon.util import config as pconfig
from ipsilon.info.infoldap import InfoProvider as LDAPInfo
import ldap
class LDAP(LoginFormBase, Log):
class LDAP(LoginFormBase, Log):
# Update global config to add login plugin
po.is_enabled = True
po.save_enabled_state()
# Update global config to add login plugin
po.is_enabled = True
po.save_enabled_state()
+
+ # For selinux enabled platforms permit httpd to connect to ldap,
+ # ignore if it fails
+ try:
+ subprocess.call(['/usr/sbin/setsebool', '-P',
+ 'httpd_can_connect_ldap=on'])
+ except Exception: # pylint: disable=broad-except
+ pass