Whitespace fixes on Apache.

This commit is contained in:
Chris PeBenito 2010-04-05 14:05:05 -04:00
parent da0608ba38
commit 20fa703294
3 changed files with 13 additions and 13 deletions

View File

@ -11,10 +11,10 @@ HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_u
/etc/lighttpd(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) /etc/lighttpd(/.*)? gen_context(system_u:object_r:httpd_config_t,s0)
/etc/mock/koji(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /etc/mock/koji(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)
/etc/rc\.d/init\.d/httpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) /etc/rc\.d/init\.d/httpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0)
/etc/rc\.d/init\.d/lighttpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) /etc/rc\.d/init\.d/lighttpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0)
/etc/vhosts -- gen_context(system_u:object_r:httpd_config_t,s0) /etc/vhosts -- gen_context(system_u:object_r:httpd_config_t,s0)
/etc/zabbix/web(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /etc/zabbix/web(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)
/srv/([^/]*/)?www(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /srv/([^/]*/)?www(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
/srv/gallery2(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /srv/gallery2(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
@ -35,7 +35,7 @@ HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_u
/usr/sbin/apache(2)? -- gen_context(system_u:object_r:httpd_exec_t,s0) /usr/sbin/apache(2)? -- gen_context(system_u:object_r:httpd_exec_t,s0)
/usr/sbin/apache-ssl(2)? -- gen_context(system_u:object_r:httpd_exec_t,s0) /usr/sbin/apache-ssl(2)? -- gen_context(system_u:object_r:httpd_exec_t,s0)
/usr/sbin/httpd(\.worker)? -- gen_context(system_u:object_r:httpd_exec_t,s0) /usr/sbin/httpd(\.worker)? -- gen_context(system_u:object_r:httpd_exec_t,s0)
/usr/sbin/lighttpd -- gen_context(system_u:object_r:httpd_exec_t,s0) /usr/sbin/lighttpd -- gen_context(system_u:object_r:httpd_exec_t,s0)
/usr/sbin/rotatelogs -- gen_context(system_u:object_r:httpd_rotatelogs_exec_t,s0) /usr/sbin/rotatelogs -- gen_context(system_u:object_r:httpd_rotatelogs_exec_t,s0)
/usr/sbin/suexec -- gen_context(system_u:object_r:httpd_suexec_exec_t,s0) /usr/sbin/suexec -- gen_context(system_u:object_r:httpd_suexec_exec_t,s0)
@ -54,7 +54,7 @@ ifdef(`distro_suse', `
/usr/share/ntop/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /usr/share/ntop/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
/usr/share/openca/htdocs(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /usr/share/openca/htdocs(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
/usr/share/selinux-policy[^/]*/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /usr/share/selinux-policy[^/]*/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
/usr/share/wordpress-mu/wp-config\.php -- gen_context(system_u:object_r:httpd_sys_script_exec_t,s0) /usr/share/wordpress-mu/wp-config\.php -- gen_context(system_u:object_r:httpd_sys_script_exec_t,s0)
/usr/share/wordpress-mu/wp-content(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /usr/share/wordpress-mu/wp-content(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)
/usr/share/wordpress/wp-content/uploads(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /usr/share/wordpress/wp-content/uploads(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)
@ -101,7 +101,7 @@ ifdef(`distro_debian', `
/var/spool/gosa(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /var/spool/gosa(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0)
/var/spool/squirrelmail(/.*)? gen_context(system_u:object_r:squirrelmail_spool_t,s0) /var/spool/squirrelmail(/.*)? gen_context(system_u:object_r:squirrelmail_spool_t,s0)
/var/spool/viewvc(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t, s0) /var/spool/viewvc(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t, s0)
/var/www(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /var/www(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0)
/var/www(/.*)?/logs(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) /var/www(/.*)?/logs(/.*)? gen_context(system_u:object_r:httpd_log_t,s0)

View File

@ -119,7 +119,7 @@ template(`apache_content_template',`
tunable_policy(`allow_httpd_$1_script_anon_write',` tunable_policy(`allow_httpd_$1_script_anon_write',`
miscfiles_manage_public_files(httpd_$1_script_t) miscfiles_manage_public_files(httpd_$1_script_t)
') ')
# Allow the web server to run scripts and serve pages # Allow the web server to run scripts and serve pages
tunable_policy(`httpd_builtin_scripting',` tunable_policy(`httpd_builtin_scripting',`
@ -1088,7 +1088,7 @@ interface(`apache_read_tmp_files',`
######################################## ########################################
## <summary> ## <summary>
## Dontaudit attempts to write ## Dontaudit attempts to write
## apache tmp files. ## apache tmp files.
## </summary> ## </summary>
## <param name="domain"> ## <param name="domain">

View File

@ -2,14 +2,14 @@
policy_module(apache, 2.1.2) policy_module(apache, 2.1.2)
# #
# NOTES: # NOTES:
# This policy will work with SUEXEC enabled as part of the Apache # This policy will work with SUEXEC enabled as part of the Apache
# configuration. However, the user CGI scripts will run under the # configuration. However, the user CGI scripts will run under the
# system_u:system_r:httpd_user_script_t. # system_u:system_r:httpd_user_script_t.
# #
# The user CGI scripts must be labeled with the httpd_user_script_exec_t # The user CGI scripts must be labeled with the httpd_user_script_exec_t
# type, and the directory containing the scripts should also be labeled # type, and the directory containing the scripts should also be labeled
# with these types. This policy allows the user role to perform that # with these types. This policy allows the user role to perform that
# relabeling. If it is desired that only admin role should be able to relabel # relabeling. If it is desired that only admin role should be able to relabel
# the user CGI scripts, then relabel rule for user roles should be removed. # the user CGI scripts, then relabel rule for user roles should be removed.
# #
@ -184,7 +184,7 @@ files_lock_file(httpd_lock_t)
type httpd_log_t; type httpd_log_t;
logging_log_file(httpd_log_t) logging_log_file(httpd_log_t)
# httpd_modules_t is the type given to module files (libraries) # httpd_modules_t is the type given to module files (libraries)
# that come with Apache /etc/httpd/modules and /usr/lib/apache # that come with Apache /etc/httpd/modules and /usr/lib/apache
type httpd_modules_t; type httpd_modules_t;
files_type(httpd_modules_t) files_type(httpd_modules_t)
@ -337,7 +337,7 @@ manage_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t)
manage_lnk_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t) manage_lnk_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t)
manage_fifo_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t) manage_fifo_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t)
manage_sock_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t) manage_sock_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t)
fs_tmpfs_filetrans(httpd_t, httpd_tmpfs_t,{ dir file lnk_file sock_file fifo_file }) fs_tmpfs_filetrans(httpd_t, httpd_tmpfs_t, { dir file lnk_file sock_file fifo_file })
manage_files_pattern(httpd_t, httpd_var_lib_t, httpd_var_lib_t) manage_files_pattern(httpd_t, httpd_var_lib_t, httpd_var_lib_t)
files_var_lib_filetrans(httpd_t, httpd_var_lib_t, file) files_var_lib_filetrans(httpd_t, httpd_var_lib_t, file)
@ -418,7 +418,7 @@ userdom_use_unpriv_users_fds(httpd_t)
tunable_policy(`allow_httpd_anon_write',` tunable_policy(`allow_httpd_anon_write',`
miscfiles_manage_public_files(httpd_t) miscfiles_manage_public_files(httpd_t)
') ')
ifdef(`TODO', ` ifdef(`TODO', `
# #
@ -497,7 +497,7 @@ tunable_policy(`httpd_ssi_exec',`
# When the admin starts the server, the server wants to access # When the admin starts the server, the server wants to access
# the TTY or PTY associated with the session. The httpd appears # the TTY or PTY associated with the session. The httpd appears
# to run correctly without this permission, so the permission # to run correctly without this permission, so the permission
# are dontaudited here. # are dontaudited here.
tunable_policy(`httpd_tty_comm',` tunable_policy(`httpd_tty_comm',`
userdom_use_user_terminals(httpd_t) userdom_use_user_terminals(httpd_t)
',` ',`