4a6ab956fe
This is an automated DistroBaker update from upstream sources. If you do not know what this is about or would like to opt out, contact the OSCI team. Source: https://src.fedoraproject.org/rpms/policycoreutils.git#b47cf5c7c221d52f659303fe41a406239a74d8d3
47 lines
1.9 KiB
Diff
47 lines
1.9 KiB
Diff
From 932c1244bc98d3a05a238f3f0b333cf8c429113b Mon Sep 17 00:00:00 2001
|
|
From: Dan Walsh <dwalsh@redhat.com>
|
|
Date: Mon, 21 Apr 2014 13:54:40 -0400
|
|
Subject: [PATCH] Fix STANDARD_FILE_CONTEXT section in man pages
|
|
|
|
Signed-off-by: Miroslav Grepl <mgrepl@redhat.com>
|
|
---
|
|
python/sepolicy/sepolicy/manpage.py | 7 +++++--
|
|
1 file changed, 5 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/python/sepolicy/sepolicy/manpage.py b/python/sepolicy/sepolicy/manpage.py
|
|
index 3e8a3be907e3..a1d70623cff0 100755
|
|
--- a/python/sepolicy/sepolicy/manpage.py
|
|
+++ b/python/sepolicy/sepolicy/manpage.py
|
|
@@ -735,10 +735,13 @@ Default Defined Ports:""")
|
|
|
|
def _file_context(self):
|
|
flist = []
|
|
+ flist_non_exec = []
|
|
mpaths = []
|
|
for f in self.all_file_types:
|
|
if f.startswith(self.domainname):
|
|
flist.append(f)
|
|
+ if not file_type_is_executable(f) or not file_type_is_entrypoint(f):
|
|
+ flist_non_exec.append(f)
|
|
if f in self.fcdict:
|
|
mpaths = mpaths + self.fcdict[f]["regex"]
|
|
if len(mpaths) == 0:
|
|
@@ -797,12 +800,12 @@ SELinux %(domainname)s policy is very flexible allowing users to setup their %(d
|
|
SELinux defines the file context types for the %(domainname)s, if you wanted to
|
|
store files with these types in a diffent paths, you need to execute the semanage command to sepecify alternate labeling and then use restorecon to put the labels on disk.
|
|
|
|
-.B semanage fcontext -a -t %(type)s '/srv/%(domainname)s/content(/.*)?'
|
|
+.B semanage fcontext -a -t %(type)s '/srv/my%(domainname)s_content(/.*)?'
|
|
.br
|
|
.B restorecon -R -v /srv/my%(domainname)s_content
|
|
|
|
Note: SELinux often uses regular expressions to specify labels that match multiple files.
|
|
-""" % {'domainname': self.domainname, "type": flist[0]})
|
|
+""" % {'domainname': self.domainname, "type": flist_non_exec[-1]})
|
|
|
|
self.fd.write(r"""
|
|
.I The following file types are defined for %(domainname)s:
|
|
--
|
|
2.29.0
|
|
|