selinux/dirsrv-admin.te | 1 +
1 file changed, 1 insertion(+)
New commits:
commit 9f1ab162a04c4f0c2f9d17a3417f6bb7ebbbcb46
Author: Nathan Kinder <nkinder(a)redhat.com>
Date: Thu Apr 1 11:41:44 2010 -0700
Bug 570912 - Avoid selinux context conflict with httpd
This patch makes the confined context for the admin server CGIs
use a new macro provided by the dirsrv policy. This macro allows
pid directories created by the CGIs to be labelled with the proper
dirsrv context. This was previously provided by a different macro
that was applied to httpd as well as the CGIs, but it caused a
conflict with the httpd policy. With this change the rule only
applies to the CGIs.
diff --git a/selinux/dirsrv-admin.te b/selinux/dirsrv-admin.te
index e6ecb4b..2bcb359 100644
--- a/selinux/dirsrv-admin.te
+++ b/selinux/dirsrv-admin.te
@@ -123,6 +123,7 @@ dirsrv_signal(httpd_dirsrvadmin_script_t)
dirsrv_signull(httpd_dirsrvadmin_script_t)
dirsrv_manage_log(httpd_dirsrvadmin_script_t)
dirsrv_manage_var_lib(httpd_dirsrvadmin_script_t)
+dirsrv_pid_filetrans(httpd_dirsrvadmin_script_t)
dirsrv_manage_var_run(httpd_dirsrvadmin_script_t)
dirsrv_manage_config(httpd_dirsrvadmin_script_t)
dirsrv_exec_lib(httpd_dirsrvadmin_script_t)
Show replies by date