1 |
commit: acd5256f26cc02031dfbee0cc4be2bca43d0b05e |
2 |
Author: Dominick Grift <dominick.grift <AT> gmail <DOT> com> |
3 |
AuthorDate: Mon Feb 11 20:11:58 2013 +0000 |
4 |
Commit: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> |
5 |
CommitDate: Mon Mar 4 20:12:18 2013 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=acd5256f |
7 |
|
8 |
Make httpd_manage_all_user_content() do what it advertises |
9 |
|
10 |
Signed-off-by: Dominick Grift <dominick.grift <AT> gmail.com> |
11 |
|
12 |
--- |
13 |
policy/modules/contrib/apache.if | 10 ++++++++-- |
14 |
1 files changed, 8 insertions(+), 2 deletions(-) |
15 |
|
16 |
diff --git a/policy/modules/contrib/apache.if b/policy/modules/contrib/apache.if |
17 |
index bbf6e4b..a1d1131 100644 |
18 |
--- a/policy/modules/contrib/apache.if |
19 |
+++ b/policy/modules/contrib/apache.if |
20 |
@@ -1081,8 +1081,14 @@ interface(`apache_search_sys_scripts',` |
21 |
## <rolecap/> |
22 |
# |
23 |
interface(`apache_manage_all_user_content',` |
24 |
- refpolicywarn(`$0($*) has been deprecated, use apache_manage_all_content() instead.') |
25 |
- apache_manage_all_content($1) |
26 |
+ gen_require(` |
27 |
+ type httpd_user_content_t, httpd_user_content_rw_t, httpd_user_content_ra_t; |
28 |
+ type httpd_user_htaccess_t, httpd_user_script_exec_t; |
29 |
+ ') |
30 |
+ |
31 |
+ manage_dirs_pattern($1, { httpd_user_content_t httpd_user_content_rw_t httpd_user_content_ra_t httpd_user_script_exec_t }, { httpd_user_content_t httpd_user_content_rw_t httpd_user_content_ra_t httpd_user_script_exec_t }) |
32 |
+ manage_files_pattern($1, { httpd_user_content_t httpd_user_content_rw_t httpd_user_content_ra_t httpd_user_script_exec_t httpd_user_htaccess_t }, { httpd_user_content_t httpd_user_content_rw_t httpd_user_content_ra_t httpd_user_script_exec_t httpd_user_htaccess_t }) |
33 |
+ manage_lnk_files_pattern($1, { httpd_user_content_t httpd_user_content_rw_t httpd_user_content_ra_t httpd_user_script_exec_t }, { httpd_user_content_t httpd_user_content_rw_t httpd_user_content_ra_t httpd_user_script_exec_t }) |
34 |
') |
35 |
|
36 |
######################################## |