rpms/selinux-policy/F-9 policy-20071130.patch,1.165,1.166
Daniel J Walsh (dwalsh)
fedora-extras-commits at redhat.com
Fri May 30 17:37:18 UTC 2008
- Previous message (by thread): rpms/selinux-policy/F-9 policy-20071130.patch, 1.164, 1.165 selinux-policy.spec, 1.679, 1.680
- Next message (by thread): rpms/wormux/devel .cvsignore, 1.4, 1.5 sources, 1.4, 1.5 wormux.spec, 1.12, 1.13
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
Author: dwalsh
Update of /cvs/extras/rpms/selinux-policy/F-9
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv31966
Modified Files:
policy-20071130.patch
Log Message:
* Fri May 30 2008 Dan Walsh <dwalsh at redhat.com> 3.3.1-63
- Allow policykit_resolve to ptrace user processes
policy-20071130.patch:
Index: policy-20071130.patch
===================================================================
RCS file: /cvs/extras/rpms/selinux-policy/F-9/policy-20071130.patch,v
retrieving revision 1.165
retrieving revision 1.166
diff -u -r1.165 -r1.166
--- policy-20071130.patch 30 May 2008 17:24:14 -0000 1.165
+++ policy-20071130.patch 30 May 2008 17:36:35 -0000 1.166
@@ -9214,7 +9214,7 @@
+/etc/rc\.d/init\.d/httpd -- gen_context(system_u:object_r:httpd_script_exec_t,s0)
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.if serefpolicy-3.3.1/policy/modules/services/apache.if
--- nsaserefpolicy/policy/modules/services/apache.if 2008-02-26 08:23:10.000000000 -0500
-+++ serefpolicy-3.3.1/policy/modules/services/apache.if 2008-05-30 12:18:18.585456000 -0400
++++ serefpolicy-3.3.1/policy/modules/services/apache.if 2008-05-30 13:36:09.141095000 -0400
@@ -13,21 +13,16 @@
#
template(`apache_content_template',`
@@ -9685,7 +9685,7 @@
')
########################################
-@@ -1088,3 +1055,169 @@
+@@ -1088,3 +1055,142 @@
allow httpd_t $1:process signal;
')
@@ -9828,33 +9828,6 @@
+# allow httpd_setsebool_t httpd_bool_t:dir list_dir_perms;
+# allow httpd_setsebool_t httpd_bool_t:file rw_file_perms;
+')
-+
-+########################################
-+## <summary>
-+## Allow the specified domain to delete
-+## apache system content rw files.
-+## </summary>
-+## <param name="domain">
-+## <summary>
-+## Domain allowed access.
-+## </summary>
-+## </param>
-+## <rolecap/>
-+#
-+# Note that httpd_sys_content_t is found in /var, /etc, /srv and /usr
-+interface(`apache_delete_sys_content_rw',`
-+ gen_require(`
-+ type httpd_sys_content_rw_t;
-+ ')
-+
-+ files_search_tmp($1)
-+ delete_dirs_pattern($1,httpd_sys_content_rw_t,httpd_sys_content_rw_t)
-+ delete_files_pattern($1,httpd_sys_content_rw_t,httpd_sys_content_rw_t)
-+ delete_lnk_files_pattern($1,httpd_sys_content_rw_t,httpd_sys_content_rw_t)
-+ delete_fifo_files_pattern($1,httpd_sys_content_rw_t,httpd_sys_content_rw_t)
-+ delete_sock_files_pattern($1,httpd_sys_content_rw_t,httpd_sys_content_rw_t)
-+')
-+
diff --exclude-from=exclude -N -u -r nsaserefpolicy/policy/modules/services/apache.te serefpolicy-3.3.1/policy/modules/services/apache.te
--- nsaserefpolicy/policy/modules/services/apache.te 2008-02-26 08:23:10.000000000 -0500
+++ serefpolicy-3.3.1/policy/modules/services/apache.te 2008-05-28 09:06:13.000000000 -0400
- Previous message (by thread): rpms/selinux-policy/F-9 policy-20071130.patch, 1.164, 1.165 selinux-policy.spec, 1.679, 1.680
- Next message (by thread): rpms/wormux/devel .cvsignore, 1.4, 1.5 sources, 1.4, 1.5 wormux.spec, 1.12, 1.13
- Messages sorted by:
[ date ]
[ thread ]
[ subject ]
[ author ]
More information about the fedora-extras-commits
mailing list