From 4e15f5dfe4eee5c18a80531f7d756c590e44669b Mon Sep 17 00:00:00 2001
From: Kenton Groombridge <me@concord.sh>
Date: Wed, 27 Jan 2021 15:39:51 -0500
Subject: [PATCH] apache: add interface for list dir perms on httpd content

This is needed by some webservers such as nginx when autoindexing is
enabled.

Signed-off-by: Kenton Groombridge <me@concord.sh>
---
 policy/modules/services/apache.if | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if
index 71696f051..f8c6c909d 100644
--- a/policy/modules/services/apache.if
+++ b/policy/modules/services/apache.if
@@ -520,6 +520,24 @@ interface(`apache_search_all_content',`
 	allow $1 httpdcontent:dir search_dir_perms;
 ')
 
+#######################################
+## <summary>
+##	List all apache content.
+## </summary>
+## <param name="domain">
+##	<summary>
+##	Domain allowed access.
+##	</summary>
+## </param>
+#
+interface(`apache_list_all_content',`
+	gen_require(`
+		attribute httpdcontent;
+	')
+
+	allow $1 httpdcontent:dir list_dir_perms;
+')
+
 ########################################
 ## <summary>
 ##	Create, read, write, and delete