diff options
| author | Shrikant Bobade <shrikant_bobade@mentor.com> | 2015-08-03 19:04:37 +0530 |
|---|---|---|
| committer | Joe MacDonald <joe_macdonald@mentor.com> | 2015-08-07 17:33:21 -0400 |
| commit | 6a775bb8ed866fac87f2a9b11a8ff11988a40ac6 (patch) | |
| tree | 4373dff0fef6f2ef4b7b8c8a7289d10bfc11d2cf /recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch | |
| parent | e59f3b7d04bea0a8897a6458f5f5427a364d3388 (diff) | |
| download | meta-selinux-6a775bb8ed866fac87f2a9b11a8ff11988a40ac6.tar.gz | |
refpolicy git: update refpolicy to git repository
A straight update from refpolicy 2.20140311 to refpolicy git
repository for the core policy variants and forward-porting
of policy patches as appropriate.
This approach is useful for building refpolicy & refpolicy-contrib
directly from the git repos, rather than release tarballs.
It helps to check the refpolicy based on source commits by just
updating the git repo rev. as appropriate in refpolicy_git.inc
ref: https://github.com/TresysTechnology/refpolicy/wiki
Signed-off-by: Shrikant Bobade <shrikant_bobade@mentor.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Diffstat (limited to 'recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch')
| -rw-r--r-- | recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch b/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch new file mode 100644 index 0000000..8bc40c4 --- /dev/null +++ b/recipes-security/refpolicy/refpolicy-git/poky-policy-add-rules-for-var-log-symlink-apache.patch | |||
| @@ -0,0 +1,31 @@ | |||
| 1 | From ed2b0a00e2fb78056041b03c7e198e8f5adaf939 Mon Sep 17 00:00:00 2001 | ||
| 2 | From: Xin Ouyang <Xin.Ouyang@windriver.com> | ||
| 3 | Date: Thu, 22 Aug 2013 19:36:44 +0800 | ||
| 4 | Subject: [PATCH 3/6] add rules for the symlink of /var/log - apache2 | ||
| 5 | |||
| 6 | We have added rules for the symlink of /var/log in logging.if, | ||
| 7 | while apache.te uses /var/log but does not use the interfaces in | ||
| 8 | logging.if. So still need add a individual rule for apache.te. | ||
| 9 | |||
| 10 | Upstream-Status: Inappropriate [only for Poky] | ||
| 11 | |||
| 12 | Signed-off-by: Xin Ouyang <Xin.Ouyang@windriver.com> | ||
| 13 | --- | ||
| 14 | policy/modules/contrib/apache.te | 1 + | ||
| 15 | 1 file changed, 1 insertion(+) | ||
| 16 | |||
| 17 | diff --git a/policy/modules/contrib/apache.te b/policy/modules/contrib/apache.te | ||
| 18 | index ec8bd13..06f2e95 100644 | ||
| 19 | --- a/policy/modules/contrib/apache.te | ||
| 20 | +++ b/policy/modules/contrib/apache.te | ||
| 21 | @@ -400,6 +400,7 @@ create_files_pattern(httpd_t, httpd_log_t, httpd_log_t) | ||
| 22 | append_files_pattern(httpd_t, httpd_log_t, httpd_log_t) | ||
| 23 | read_files_pattern(httpd_t, httpd_log_t, httpd_log_t) | ||
| 24 | read_lnk_files_pattern(httpd_t, httpd_log_t, httpd_log_t) | ||
| 25 | +read_lnk_files_pattern(httpd_t, var_log_t, var_log_t) | ||
| 26 | logging_log_filetrans(httpd_t, httpd_log_t, file) | ||
| 27 | |||
| 28 | allow httpd_t httpd_modules_t:dir list_dir_perms; | ||
| 29 | -- | ||
| 30 | 1.7.9.5 | ||
| 31 | |||