rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity

tweak inconsistencies in old policy to make them consistent with refpol, to make sediff easier to handle

Browse Source
This commit is contained in:
Chris PeBenito 2005-11-01 19:50:35 +00:00
parent ee08bc4c75
commit 168f5b3ceb
2 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
targeted/domains/program/postfix.te
View File

@ -77,8 +77,8 @@ dontaudit postfix_master_t security_t:dir search;
read_sysctl(postfix_master_t)
ifdef(`targeted_policy', `
bool disable_postfix_trans false;
if (!disable_postfix_trans) {
bool postfix_disable_trans false;
if (!postfix_disable_trans) {
')
domain_auto_trans(initrc_t, postfix_master_exec_t, postfix_master_t)
allow initrc_t postfix_master_t:process { noatsecure siginh rlimitinh };

6
targeted/macros/program/apache_macros.te
View File

@ -108,7 +108,7 @@ allow httpd_$1_script_t httpd_$1_script_rw_t:sock_file rw_file_perms;
ra_dir_file(httpd_$1_script_t, httpd_$1_script_ra_t)
anonymous_domain(httpd_$1_script)
if (httpd_enable_cgi && httpd_unified ifdef(`targeted_policy', ` && ! httpd_disable_trans')) {
if (httpd_enable_cgi && httpd_unified) {
create_dir_file(httpd_$1_script_t, httpdcontent)
can_exec(httpd_$1_script_t, httpdcontent)
}
@ -153,11 +153,11 @@ apache_domain($1)
typeattribute httpd_$1_content_t $1_file_type;
if (httpd_enable_cgi && httpd_unified ifdef(`targeted_policy', ` && ! httpd_disable_trans')) {
if (httpd_enable_cgi && httpd_unified) {
domain_auto_trans($1_t, httpdcontent, httpd_$1_script_t)
}
if (httpd_enable_cgi ifdef(`targeted_policy', ` && ! httpd_disable_trans')) {
if (httpd_enable_cgi) {
# If a user starts a script by hand it gets the proper context
domain_auto_trans($1_t, httpd_$1_script_exec_t, httpd_$1_script_t)
}