trunk: Fix httpd_enable_homedirs to actually provide the access it is supposed to provide.
This commit is contained in:
parent
5fe7de9ea9
commit
e311e23a44
|
@ -1,3 +1,5 @@
|
||||||
|
- Fix httpd_enable_homedirs to actually provide the access it is supposed to
|
||||||
|
provide.
|
||||||
- Add unused interface/template parameter metadata in XML.
|
- Add unused interface/template parameter metadata in XML.
|
||||||
- Patch to handle postfix data_directory from Vaclav Ovsik.
|
- Patch to handle postfix data_directory from Vaclav Ovsik.
|
||||||
- SE-Postgresql policy from KaiGai Kohei.
|
- SE-Postgresql policy from KaiGai Kohei.
|
||||||
|
|
|
@ -1,5 +1,5 @@
|
||||||
|
|
||||||
policy_module(apache, 1.9.3)
|
policy_module(apache, 1.9.4)
|
||||||
|
|
||||||
#
|
#
|
||||||
# NOTES:
|
# NOTES:
|
||||||
|
@ -394,6 +394,10 @@ tunable_policy(`httpd_enable_ftp_server',`
|
||||||
corenet_tcp_bind_ftp_port(httpd_t)
|
corenet_tcp_bind_ftp_port(httpd_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
tunable_policy(`httpd_enable_homedirs',`
|
||||||
|
userdom_read_unpriv_users_home_content_files(httpd_t)
|
||||||
|
')
|
||||||
|
|
||||||
tunable_policy(`httpd_enable_homedirs && use_nfs_home_dirs',`
|
tunable_policy(`httpd_enable_homedirs && use_nfs_home_dirs',`
|
||||||
fs_read_nfs_files(httpd_t)
|
fs_read_nfs_files(httpd_t)
|
||||||
fs_read_nfs_symlinks(httpd_t)
|
fs_read_nfs_symlinks(httpd_t)
|
||||||
|
@ -634,6 +638,10 @@ tunable_policy(`httpd_enable_cgi && httpd_unified',`
|
||||||
domtrans_pattern(httpd_suexec_t, httpdcontent, httpd_sys_script_t)
|
domtrans_pattern(httpd_suexec_t, httpdcontent, httpd_sys_script_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
tunable_policy(`httpd_enable_homedirs',`
|
||||||
|
userdom_read_unpriv_users_home_content_files(httpd_suexec_t)
|
||||||
|
')
|
||||||
|
|
||||||
tunable_policy(`httpd_enable_homedirs && use_nfs_home_dirs',`
|
tunable_policy(`httpd_enable_homedirs && use_nfs_home_dirs',`
|
||||||
fs_read_nfs_files(httpd_suexec_t)
|
fs_read_nfs_files(httpd_suexec_t)
|
||||||
fs_read_nfs_symlinks(httpd_suexec_t)
|
fs_read_nfs_symlinks(httpd_suexec_t)
|
||||||
|
@ -688,6 +696,10 @@ ifdef(`distro_redhat',`
|
||||||
allow httpd_sys_script_t httpd_log_t:file { getattr append };
|
allow httpd_sys_script_t httpd_log_t:file { getattr append };
|
||||||
')
|
')
|
||||||
|
|
||||||
|
tunable_policy(`httpd_enable_homedirs',`
|
||||||
|
userdom_read_unpriv_users_home_content_files(httpd_sys_script_t)
|
||||||
|
')
|
||||||
|
|
||||||
tunable_policy(`httpd_enable_homedirs && use_nfs_home_dirs',`
|
tunable_policy(`httpd_enable_homedirs && use_nfs_home_dirs',`
|
||||||
fs_read_nfs_files(httpd_sys_script_t)
|
fs_read_nfs_files(httpd_sys_script_t)
|
||||||
fs_read_nfs_symlinks(httpd_sys_script_t)
|
fs_read_nfs_symlinks(httpd_sys_script_t)
|
||||||
|
|
Loading…
Reference in New Issue