2020-03-31 14:30:12 +00:00
|
|
|
diff --git a/configure.in b/configure.in
|
2022-06-09 22:05:19 +00:00
|
|
|
index 74015ca..8c0ee10 100644
|
2020-03-31 14:30:12 +00:00
|
|
|
--- a/configure.in
|
|
|
|
+++ b/configure.in
|
2022-06-09 22:05:19 +00:00
|
|
|
@@ -508,6 +508,11 @@ getloadavg
|
2008-12-18 16:30:24 +00:00
|
|
|
dnl confirm that a void pointer is large enough to store a long integer
|
|
|
|
APACHE_CHECK_VOID_PTR_LEN
|
|
|
|
|
|
|
|
+AC_CHECK_LIB(selinux, is_selinux_enabled, [
|
2012-03-13 09:55:18 +00:00
|
|
|
+ AC_DEFINE(HAVE_SELINUX, 1, [Defined if SELinux is supported])
|
2017-03-24 17:05:26 +00:00
|
|
|
+ APR_ADDTO(HTTPD_LIBS, [-lselinux])
|
2008-12-18 16:30:24 +00:00
|
|
|
+])
|
|
|
|
+
|
2012-03-13 09:55:18 +00:00
|
|
|
AC_CACHE_CHECK([for gettid()], ac_cv_gettid,
|
|
|
|
[AC_TRY_RUN(#define _GNU_SOURCE
|
|
|
|
#include <unistd.h>
|
2020-03-31 14:30:12 +00:00
|
|
|
diff --git a/server/core.c b/server/core.c
|
2022-06-09 22:05:19 +00:00
|
|
|
index a6fa2fb..cf4cba4 100644
|
2020-03-31 14:30:12 +00:00
|
|
|
--- a/server/core.c
|
|
|
|
+++ b/server/core.c
|
2022-06-09 22:05:19 +00:00
|
|
|
@@ -65,6 +65,10 @@
|
2012-03-13 09:55:18 +00:00
|
|
|
#include <unistd.h>
|
|
|
|
#endif
|
2005-11-03 16:27:11 +00:00
|
|
|
|
2012-03-13 09:55:18 +00:00
|
|
|
+#ifdef HAVE_SELINUX
|
2005-11-03 16:27:11 +00:00
|
|
|
+#include <selinux/selinux.h>
|
2012-03-13 09:55:18 +00:00
|
|
|
+#endif
|
2005-11-03 16:27:11 +00:00
|
|
|
+
|
|
|
|
/* LimitRequestBody handling */
|
|
|
|
#define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1)
|
2022-06-09 22:05:19 +00:00
|
|
|
#define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 1<<30) /* 1GB */
|
|
|
|
@@ -5150,6 +5154,28 @@ static int core_post_config(apr_pool_t *pconf, apr_pool_t *plog, apr_pool_t *pte
|
2005-11-03 16:27:11 +00:00
|
|
|
}
|
|
|
|
#endif
|
|
|
|
|
2012-03-13 09:55:18 +00:00
|
|
|
+#ifdef HAVE_SELINUX
|
2005-11-03 16:27:11 +00:00
|
|
|
+ {
|
|
|
|
+ static int already_warned = 0;
|
|
|
|
+ int is_enabled = is_selinux_enabled() > 0;
|
|
|
|
+
|
2005-12-02 10:43:00 +00:00
|
|
|
+ if (is_enabled && !already_warned) {
|
2005-11-03 16:27:11 +00:00
|
|
|
+ security_context_t con;
|
|
|
|
+
|
|
|
|
+ if (getcon(&con) == 0) {
|
|
|
|
+
|
|
|
|
+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL,
|
|
|
|
+ "SELinux policy enabled; "
|
|
|
|
+ "httpd running as context %s", con);
|
|
|
|
+
|
|
|
|
+ already_warned = 1;
|
|
|
|
+
|
|
|
|
+ freecon(con);
|
|
|
|
+ }
|
|
|
|
+ }
|
|
|
|
+ }
|
2012-03-13 09:55:18 +00:00
|
|
|
+#endif
|
2005-11-03 16:27:11 +00:00
|
|
|
+
|
|
|
|
return OK;
|
|
|
|
}
|
|
|
|
|