From ff943a1b9b37d68eb88eef984710f380a2fc3e03 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Wed, 24 Jan 2007 17:10:31 +0000 Subject: [PATCH] Clean up file context regexes in apache and java, from Eamon Walsh: Some file_contexts regular expressions in refpolicy-strict are causing genhomedircon to die; refpolicy is failing to build for me entirely. The regular expressions seem redundant to me, perhaps I am missing something, but the following patch fixes the problems for me. Please review and apply --- Changelog | 2 ++ policy/modules/apps/java.fc | 4 ++-- policy/modules/apps/java.te | 2 +- policy/modules/services/apache.fc | 2 +- policy/modules/services/apache.te | 2 +- 5 files changed, 7 insertions(+), 5 deletions(-) diff --git a/Changelog b/Changelog index 93c3e867..3e016ee2 100644 --- a/Changelog +++ b/Changelog @@ -1,3 +1,5 @@ +- Clean up file context regexes in apache and java, from Eamon Walsh. + * Tue Dec 12 2006 Chris PeBenito - 20061212 - Add policy patterns support macros. This changes the behavior of the create_dir_perms and create_file_perms permission sets. diff --git a/policy/modules/apps/java.fc b/policy/modules/apps/java.fc index 3937ebdd..d866fed2 100644 --- a/policy/modules/apps/java.fc +++ b/policy/modules/apps/java.fc @@ -1,14 +1,14 @@ # # /opt # -/opt/(.*/)?bin/java([^/]*)? -- gen_context(system_u:object_r:java_exec_t,s0) +/opt/(.*/)?bin/java[^/]* -- gen_context(system_u:object_r:java_exec_t,s0) /opt/ibm/java2-ppc64-50/jre/(bin|javaws)(/.*)? -- gen_context(system_u:object_r:java_exec_t,s0) # # /usr # /usr/(.*/)?bin/java.* -- gen_context(system_u:object_r:java_exec_t,s0) -/usr/lib(.*/)?bin/java([^/]*)? -- gen_context(system_u:object_r:java_exec_t,s0) +/usr/lib(.*/)?bin/java[^/]* -- gen_context(system_u:object_r:java_exec_t,s0) /usr/bin/frysk -- gen_context(system_u:object_r:java_exec_t,s0) /usr/bin/gappletviewer -- gen_context(system_u:object_r:java_exec_t,s0) /usr/bin/gcj-dbtool -- gen_context(system_u:object_r:java_exec_t,s0) diff --git a/policy/modules/apps/java.te b/policy/modules/apps/java.te index 6ebdea47..0e776e18 100644 --- a/policy/modules/apps/java.te +++ b/policy/modules/apps/java.te @@ -1,5 +1,5 @@ -policy_module(java,1.3.0) +policy_module(java,1.3.1) ######################################## # diff --git a/policy/modules/services/apache.fc b/policy/modules/services/apache.fc index 06f2248d..14c2bd69 100644 --- a/policy/modules/services/apache.fc +++ b/policy/modules/services/apache.fc @@ -40,7 +40,7 @@ ifdef(`distro_suse', ` /usr/share/htdig(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /usr/share/openca/htdocs(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) -/usr/share/selinux-policy([^/]*)?/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) +/usr/share/selinux-policy[^/]*/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /var/cache/httpd(/.*)? gen_context(system_u:object_r:httpd_cache_t,s0) /var/cache/mason(/.*)? gen_context(system_u:object_r:httpd_cache_t,s0) diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te index 02e0b2ff..e0d1aeb9 100644 --- a/policy/modules/services/apache.te +++ b/policy/modules/services/apache.te @@ -1,5 +1,5 @@ -policy_module(apache,1.5.0) +policy_module(apache,1.5.1) # # NOTES: