Alon Bar-Lev has uploaded a new change for review. Change subject: packaging: setup: aio: support ssh when selinux enabled ......................................................................
packaging: setup: aio: support ssh when selinux enabled if ~root/.ssh is missing and selinux enabled, it will be created without proper selinux attributes, causing ssh to fail. Buf-Url: https://bugzilla.redhat.com/show_bug.cgi?id=1036209 Change-Id: Icfe55ccf4535792fed69912553d86a53dec3764b Signed-off-by: Alon Bar-Lev <alo...@redhat.com> --- M packaging/setup/ovirt_engine_setup/constants.py M packaging/setup/plugins/ovirt-engine-setup/all-in-one/sshd.py M packaging/setup/plugins/ovirt-engine-setup/all-in-one/vdsm.py 3 files changed, 22 insertions(+), 0 deletions(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-engine refs/changes/74/21874/1 diff --git a/packaging/setup/ovirt_engine_setup/constants.py b/packaging/setup/ovirt_engine_setup/constants.py index 5d42d4e..7031272 100644 --- a/packaging/setup/ovirt_engine_setup/constants.py +++ b/packaging/setup/ovirt_engine_setup/constants.py @@ -569,6 +569,7 @@ AIO_CONFIG_AVAILABLE = 'osetup.aio.config.available' AIO_CONFIG_NOT_AVAILABLE = 'osetup.aio.config.not.available' AIO_CONFIG_STORAGE = 'osetup.aio.config.storage' + AIO_CONFIG_SSH = 'osetup.aio.config.ssh' AIO_CONFIG_VDSM = 'osetup.aio.config.vdsm' UPGRADE_FROM_LEGACY_CONFIG = 'osetup.legacy.upgrade' diff --git a/packaging/setup/plugins/ovirt-engine-setup/all-in-one/sshd.py b/packaging/setup/plugins/ovirt-engine-setup/all-in-one/sshd.py index 359f39b..265b470 100644 --- a/packaging/setup/plugins/ovirt-engine-setup/all-in-one/sshd.py +++ b/packaging/setup/plugins/ovirt-engine-setup/all-in-one/sshd.py @@ -62,6 +62,7 @@ osetupcons.CoreEnv.DEVELOPER_MODE ] self.command.detect('sshd') + self.command.detect('restorecon') @plugin.event( stage=plugin.Stages.STAGE_CUSTOMIZATION, @@ -150,6 +151,7 @@ @plugin.event( stage=plugin.Stages.STAGE_CLOSEUP, + name=osetupcons.Stages.AIO_CONFIG_SSH, condition=lambda self: ( self._enabled and self.environment[osetupcons.AIOEnv.CONFIGURE] @@ -161,5 +163,23 @@ state=True ) + if self.command.get('restorecon', optional=True) is not None: + rc, stdout, stderr = self.execute( + ( + self.command.get('restorecon'), + '-r', + os.path.join( + os.path.expanduser('~root'), + '.ssh', + ), + ), + raiseOnError=False, + ) + + if rc != 0: + self.logger.warning( + _('Cannot set SELinux properties on SSH directory') + ) + # vim: expandtab tabstop=4 shiftwidth=4 diff --git a/packaging/setup/plugins/ovirt-engine-setup/all-in-one/vdsm.py b/packaging/setup/plugins/ovirt-engine-setup/all-in-one/vdsm.py index 55d6665..da2c55d 100644 --- a/packaging/setup/plugins/ovirt-engine-setup/all-in-one/vdsm.py +++ b/packaging/setup/plugins/ovirt-engine-setup/all-in-one/vdsm.py @@ -171,6 +171,7 @@ ], after=( osetupcons.Stages.AIO_CONFIG_STORAGE, + osetupcons.Stages.AIO_CONFIG_SSH, osetupcons.Stages.CORE_ENGINE_START, osetupcons.Stages.APACHE_RESTART, ), -- To view, visit http://gerrit.ovirt.org/21874 To unsubscribe, visit http://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: Icfe55ccf4535792fed69912553d86a53dec3764b Gerrit-PatchSet: 1 Gerrit-Project: ovirt-engine Gerrit-Branch: master Gerrit-Owner: Alon Bar-Lev <alo...@redhat.com> _______________________________________________ Engine-patches mailing list Engine-patches@ovirt.org http://lists.ovirt.org/mailman/listinfo/engine-patches
