cobbler patch from Dan Walsh

policy/modules/services/cobbler.if

@@ -173,9 +173,11 @@ interface(`cobblerd_admin',`
 	files_list_var_lib($1)
 	admin_pattern($1, cobbler_var_lib_t)
 
-	files_search_var_log($1)
+	logging_search_logs($1)
 	admin_pattern($1, cobbler_var_log_t)
 
+	admin_pattern($1, httpd_cobbler_content_rw_t)
+
 	cobblerd_initrc_domtrans($1)
 	domain_system_change_exemption($1)
 	role_transition $2 cobblerd_initrc_exec_t system_r;

policy/modules/services/cobbler.te

@@ -40,6 +40,7 @@ allow cobblerd_t self:process { getsched setsched signal };
 allow cobblerd_t self:fifo_file rw_fifo_file_perms;
 allow cobblerd_t self:tcp_socket create_stream_socket_perms;
 
+list_dirs_pattern(cobblerd_t, cobbler_etc_t, cobbler_etc_t)
 read_files_pattern(cobblerd_t, cobbler_etc_t, cobbler_etc_t)
 
 manage_dirs_pattern(cobblerd_t, cobbler_var_lib_t, cobbler_var_lib_t)
@@ -68,6 +69,8 @@ corenet_tcp_sendrecv_generic_port(cobblerd_t)
 
 dev_read_urand(cobblerd_t)
 
+# read /etc/nsswitch.conf
+files_read_etc_files(cobblerd_t)
 files_read_usr_files(cobblerd_t)
 files_list_boot(cobblerd_t)
 files_list_tmp(cobblerd_t)
@@ -119,3 +122,12 @@ optional_policy(`
 optional_policy(`
 	tftp_manage_rw_content(cobblerd_t)
 ')
+
+########################################
+#
+# Cobbler web local policy.
+#
+
+apache_content_template(cobbler)
+manage_dirs_pattern(cobblerd_t, httpd_cobbler_content_rw_t,  httpd_cobbler_content_rw_t)
+manage_files_pattern(cobblerd_t, httpd_cobbler_content_rw_t,  httpd_cobbler_content_rw_t)