1 |
commit: 11cb1c719459a62bbb5a62f1ed7e54a602040ae9 |
2 |
Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
3 |
AuthorDate: Sat Jul 5 16:53:00 2014 +0000 |
4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Jul 29 14:05:22 2014 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=11cb1c71 |
7 |
|
8 |
Add support for Hiawatha web server |
9 |
|
10 |
Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be> |
11 |
|
12 |
--- |
13 |
policy/modules/contrib/apache.fc | 8 ++++++++ |
14 |
1 file changed, 8 insertions(+) |
15 |
|
16 |
diff --git a/policy/modules/contrib/apache.fc b/policy/modules/contrib/apache.fc |
17 |
index 818e177..0a2dbfd 100644 |
18 |
--- a/policy/modules/contrib/apache.fc |
19 |
+++ b/policy/modules/contrib/apache.fc |
20 |
@@ -8,6 +8,7 @@ HOME_DIR/((www)|(web)|(public_html))(/.*)?/logs(/.*)? gen_context(system_u:objec |
21 |
/etc/cherokee(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) |
22 |
/etc/drupal.* gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) |
23 |
/etc/glpi(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) |
24 |
+/etc/hiawatha(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) |
25 |
/etc/horde(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) |
26 |
/etc/htdig(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) |
27 |
/etc/httpd(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) |
28 |
@@ -19,6 +20,7 @@ HOME_DIR/((www)|(web)|(public_html))(/.*)?/logs(/.*)? gen_context(system_u:objec |
29 |
/etc/z-push(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) |
30 |
|
31 |
/etc/rc\.d/init\.d/cherokee -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) |
32 |
+/etc/rc\.d/init\.d/hiawatha -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) |
33 |
/etc/rc\.d/init\.d/httpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) |
34 |
/etc/rc\.d/init\.d/lighttpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) |
35 |
|
36 |
@@ -36,6 +38,7 @@ HOME_DIR/((www)|(web)|(public_html))(/.*)?/logs(/.*)? gen_context(system_u:objec |
37 |
|
38 |
/usr/bin/htsslpass -- gen_context(system_u:object_r:httpd_helper_exec_t,s0) |
39 |
/usr/bin/mongrel_rails -- gen_context(system_u:object_r:httpd_exec_t,s0) |
40 |
+/usr/bin/ssi-cgi -- gen_context(system_u:object_r:httpd_exec_t,s0) |
41 |
|
42 |
/usr/lib/apache-ssl/.+ -- gen_context(system_u:object_r:httpd_exec_t,s0) |
43 |
/usr/lib/apache(/.*)? gen_context(system_u:object_r:httpd_modules_t,s0) |
44 |
@@ -52,12 +55,15 @@ HOME_DIR/((www)|(web)|(public_html))(/.*)?/logs(/.*)? gen_context(system_u:objec |
45 |
|
46 |
/usr/sbin/apache(2)? -- gen_context(system_u:object_r:httpd_exec_t,s0) |
47 |
/usr/sbin/apache-ssl(2)? -- gen_context(system_u:object_r:httpd_exec_t,s0) |
48 |
+/usr/sbin/cgi-wrapper -- gen_context(system_u:object_r:httpd_exec_t,s0) |
49 |
/usr/sbin/cherokee -- gen_context(system_u:object_r:httpd_exec_t,s0) |
50 |
+/usr/sbin/hiawatha -- gen_context(system_u:object_r:httpd_exec_t,s0) |
51 |
/usr/sbin/httpd\.event -- gen_context(system_u:object_r:httpd_exec_t,s0) |
52 |
/usr/sbin/httpd(\.worker)? -- gen_context(system_u:object_r:httpd_exec_t,s0) |
53 |
/usr/sbin/lighttpd -- gen_context(system_u:object_r:httpd_exec_t,s0) |
54 |
/usr/sbin/rotatelogs -- gen_context(system_u:object_r:httpd_rotatelogs_exec_t,s0) |
55 |
/usr/sbin/suexec -- gen_context(system_u:object_r:httpd_suexec_exec_t,s0) |
56 |
+/usr/sbin/wigwam -- gen_context(system_u:object_r:httpd_exec_t,s0) |
57 |
|
58 |
ifdef(`distro_suse',` |
59 |
/usr/sbin/httpd2-.* -- gen_context(system_u:object_r:httpd_exec_t,s0) |
60 |
@@ -105,6 +111,7 @@ ifdef(`distro_suse',` |
61 |
/var/lib/dokuwiki(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) |
62 |
/var/lib/drupal.* gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) |
63 |
/var/lib/glpi(/.*)? gen_context(system_u:object_r:httpd_var_lib_t,s0) |
64 |
+/var/lib/hiawatha(/.*)? gen_context(system_u:object_r:httpd_var_lib_t,s0) |
65 |
/var/lib/htdig(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) |
66 |
/var/lib/httpd(/.*)? gen_context(system_u:object_r:httpd_var_lib_t,s0) |
67 |
/var/lib/lighttpd(/.*)? gen_context(system_u:object_r:httpd_var_lib_t,s0) |
68 |
@@ -124,6 +131,7 @@ ifdef(`distro_suse',` |
69 |
/var/log/cherokee(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) |
70 |
/var/log/dirsrv/admin-serv(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) |
71 |
/var/log/glpi(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) |
72 |
+/var/log/hiawatha(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) |
73 |
/var/log/mlogc(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) |
74 |
/var/log/httpd(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) |
75 |
/var/log/horde2(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) |