RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Users calling apache_role were not able to manage httpd_user_content_t files, directories and symbolic links. 

From 78d6e4acfc000b07dbf85b076fa523e95e72da3f Sun, 13 Feb 2011 18:55:53 +0100
From: Dominick Grift <domg472@gmail.com>
Date: Sun, 13 Feb 2011 18:55:09 +0100
Subject: [PATCH] Users calling apache_role were not able to manage httpd_user_content_t files, directories and symbolic links.

Users calling apache_role were not able to manage httpd_user_content_t files, directories and symbolic links.

Signed-off-by: Dominick Grift <domg472@gmail.com>
This commit is contained in:
Dominick Grift 2011-02-13 18:58:38 +01:00 committed by Chris PeBenito
parent 6b2440aab6
commit 83e07b8a25
1 changed files with 7 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
policy/modules/services/apache.if
View File

@ -218,10 +218,15 @@ interface(`apache_role',`
role $1 types httpd_user_script_t;
allow $2 httpd_user_content_t:{ dir file lnk_file } { relabelto relabelfrom };
allow $2 httpd_user_htaccess_t:file { manage_file_perms relabelto relabelfrom };
manage_dirs_pattern($2, httpd_user_content_t, httpd_user_content_t)
manage_files_pattern($2, httpd_user_content_t, httpd_user_content_t)
manage_lnk_files_pattern($2, httpd_user_content_t, httpd_user_content_t)
relabel_dirs_pattern($2, httpd_user_content_t, httpd_user_content_t)
relabel_files_pattern($2, httpd_user_content_t, httpd_user_content_t)
relabel_lnk_files_pattern($2, httpd_user_content_t, httpd_user_content_t)
manage_dirs_pattern($2, httpd_user_ra_content_t, httpd_user_ra_content_t)
manage_files_pattern($2, httpd_user_ra_content_t, httpd_user_ra_content_t)
manage_lnk_files_pattern($2, httpd_user_ra_content_t, httpd_user_ra_content_t)