[selinux-policy: 1990/3172] trunk: add w3c from dan.

Daniel J Walsh dwalsh at fedoraproject.org
Thu Oct 7 21:56:52 UTC 2010 

commit 32f8ff393b1543a068ec3cbb2436eb6e3bed7bf4
Author: Chris PeBenito <cpebenito at tresys.com>
Date:   Thu Aug 21 13:52:52 2008 +0000

    trunk: add w3c from dan.

 Changelog                      |    2 ++
 policy/modules/services/w3c.fc |    4 ++++
 policy/modules/services/w3c.if |    1 +
 policy/modules/services/w3c.te |   25 +++++++++++++++++++++++++
 4 files changed, 32 insertions(+), 0 deletions(-)
---
diff --git a/Changelog b/Changelog
index 717b309..382ac7a 100644
--- a/Changelog
+++ b/Changelog
@@ -9,6 +9,8 @@
 - Pam_mount fix for local login from Stefan Schulze Frielinghaus.
 - Issuing commands to upstart is over a datagram socket, not the initctl
   named pipe.  Updated init_telinit() to match.
+- Added modules:
+	w3c (Dan Walsh)
 
 * Wed Jul 02 2008 Chris PeBenito <selinux at tresys.com> - 20080702
 - Fix httpd_enable_homedirs to actually provide the access it is supposed to
diff --git a/policy/modules/services/w3c.fc b/policy/modules/services/w3c.fc
new file mode 100644
index 0000000..a9cc9a8
--- /dev/null
+++ b/policy/modules/services/w3c.fc
@@ -0,0 +1,4 @@
+/usr/lib/cgi-bin/check				gen_context(system_u:object_r:httpd_w3c_validator_script_exec_t,s0)
+
+/usr/share/w3c-markup-validator(/.*)?		gen_context(system_u:object_r:httpd_w3c_validator_content_t,s0)
+/usr/share/w3c-markup-validator/cgi-bin(/.*)?	gen_context(system_u:object_r:httpd_w3c_validator_script_exec_t,s0)
diff --git a/policy/modules/services/w3c.if b/policy/modules/services/w3c.if
new file mode 100644
index 0000000..8f678a9
--- /dev/null
+++ b/policy/modules/services/w3c.if
@@ -0,0 +1 @@
+## <summary>W3C Markup Validator</summary>
diff --git a/policy/modules/services/w3c.te b/policy/modules/services/w3c.te
new file mode 100644
index 0000000..6c27d54
--- /dev/null
+++ b/policy/modules/services/w3c.te
@@ -0,0 +1,25 @@
+
+policy_module(w3c, 1.0.0)
+
+########################################
+#
+# Declarations
+#
+
+apache_content_template(w3c_validator)
+
+########################################
+#
+# Local policy
+#
+
+corenet_tcp_connect_ftp_port(httpd_w3c_validator_script_t)
+corenet_tcp_sendrecv_ftp_port(httpd_w3c_validator_script_t)
+corenet_tcp_connect_http_port(httpd_w3c_validator_script_t)
+corenet_tcp_sendrecv_http_port(httpd_w3c_validator_script_t)
+corenet_tcp_connect_http_cache_port(httpd_w3c_validator_script_t)
+corenet_tcp_sendrecv_http_cache_port(httpd_w3c_validator_script_t)
+
+miscfiles_read_certs(httpd_w3c_validator_script_t)
+
+sysnet_dns_name_resolve(httpd_w3c_validator_script_t)

More information about the scm-commits mailing list