42 lines
1.2 KiB
Diff
42 lines
1.2 KiB
Diff
From 4abf6bc506a31ae3e21ae736a44cea992c6ba6c1 Mon Sep 17 00:00:00 2001
|
|
From: Peter Jones <pjones@redhat.com>
|
|
Date: Fri, 20 Nov 2015 19:21:39 -0500
|
|
Subject: [PATCH 2/2] setfacl the db as well
|
|
|
|
---
|
|
src/pesign-authorize-groups | 4 ++++
|
|
src/pesign-authorize-users | 4 ++++
|
|
2 files changed, 8 insertions(+)
|
|
|
|
diff --git a/src/pesign-authorize-groups b/src/pesign-authorize-groups
|
|
index 2222809..e0f679d 100644
|
|
--- a/src/pesign-authorize-groups
|
|
+++ b/src/pesign-authorize-groups
|
|
@@ -17,5 +17,9 @@ if [[ -r /etc/pesign/groups ]]; then
|
|
setfacl -m g:${group}:rw /var/run/pesign/socket
|
|
fi
|
|
fi
|
|
+ if [ -d /etc/pki/pesign ]; then
|
|
+ setfacl -m g:${group}:rx /etc/pki/pesign
|
|
+ setfacl -m u:${group}:r /etc/pki/pesign/{cert8,key3,secmod}.db
|
|
+ fi
|
|
done
|
|
fi
|
|
diff --git a/src/pesign-authorize-users b/src/pesign-authorize-users
|
|
index 22bddec..997c8a3 100644
|
|
--- a/src/pesign-authorize-users
|
|
+++ b/src/pesign-authorize-users
|
|
@@ -17,5 +17,9 @@ if [[ -r /etc/pesign/users ]]; then
|
|
setfacl -m g:${username}:rw /var/run/pesign/socket
|
|
fi
|
|
fi
|
|
+ if [ -d /etc/pki/pesign ]; then
|
|
+ setfacl -m g:${username}:rx /etc/pki/pesign
|
|
+ setfacl -m u:${username}:r /etc/pki/pesign/{cert8,key3,secmod}.db
|
|
+ fi
|
|
done
|
|
fi
|
|
--
|
|
2.5.0
|
|
|