Mailinglist Archive: yast-commit (953 mails)

< Previous Next >
[yast-commit] r49572 - /trunk/ldap-server/src/LdapServer.pm
  • From: rhafer@xxxxxxxxxxxxxxxx
  • Date: Fri, 01 Aug 2008 12:20:09 -0000
  • Message-id: <20080801122009.65808272BA@xxxxxxxxxxxxxxxx>
Author: rhafer
Date: Fri Aug 1 14:20:09 2008
New Revision: 49572

URL: http://svn.opensuse.org/viewcvs/yast?rev=49572&view=rev
Log:
Set filesystem ACLs for Certificate Key

Modified:
trunk/ldap-server/src/LdapServer.pm

Modified: trunk/ldap-server/src/LdapServer.pm
URL:
http://svn.opensuse.org/viewcvs/yast/trunk/ldap-server/src/LdapServer.pm?rev=49572&r1=49571&r2=49572&view=diff
==============================================================================
--- trunk/ldap-server/src/LdapServer.pm (original)
+++ trunk/ldap-server/src/LdapServer.pm Fri Aug 1 14:20:09 2008
@@ -755,6 +755,14 @@
{
my $self = shift;
my $tls = shift;
+ my $ret = SCR->Execute(".target.bash",
+ "/usr/bin/setfacl -m u:ldap:r
".$tls->{'certKeyFile'});
+ if($ret != 0) {
+ return $self->SetError(_("Can not set a filesystem acl on the private
key"),
+ "setfacl -m u:ldap:r
"./etc/ssl/servercerts/serverkey.pem." failed.\n".
+ "Do you have filesystem acl support disabled?"
);
+ return 0;
+ }
my $rc = SCR->Write('.ldapserver.global.tlsSettings', $tls );
return 1;
}

--
To unsubscribe, e-mail: yast-commit+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: yast-commit+help@xxxxxxxxxxxx

< Previous Next >
This Thread
  • No further messages