[selinux-policy: 1641/3172] fix dontaudit interface that was allowing instead of dontauditing; thanks to karl for pointing this

[Daniel J Walsh]

commit c31f6724c03195d2121bff416182ca6ed99e0aff
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Tue Nov 28 15:47:47 2006 +0000

    fix dontaudit interface that was allowing instead of dontauditing; thanks to karl for pointing this out.

 policy/modules/services/apache.if |    2 +-
 policy/modules/services/apache.te |    2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)
---
diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if
index 30bcb42..76f9dfa 100644
--- a/policy/modules/services/apache.if
+++ b/policy/modules/services/apache.if
@@ -753,7 +753,7 @@ interface(`apache_dontaudit_search_modules',`
 		type httpd_modules_t;
 	')
 
-	allow $1 httpd_modules_t:dir r_dir_perms;
+	dontaudit $1 httpd_modules_t:dir search_dir_perms;
 ')
 
 ########################################
diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te
index a80fd13..1eae40d 100644
--- a/policy/modules/services/apache.te
+++ b/policy/modules/services/apache.te
@@ -1,5 +1,5 @@
 
-policy_module(apache,1.4.1)
+policy_module(apache,1.4.2)
 
 #
 # NOTES: