rpms/mod_fcgid/devel fastcgi-2.5.te, 1.1, 1.2 fastcgi.te, 1.2, 1.3 mod_fcgid.spec, 1.8, 1.9
Paul Howarth (pghmcfc)
fedora-extras-commits at redhat.com
Thu Jan 3 18:17:48 UTC 2008
Author: pghmcfc
Update of /cvs/pkgs/rpms/mod_fcgid/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv7887
Modified Files:
fastcgi-2.5.te fastcgi.te mod_fcgid.spec
Log Message:
Update SELinux policy to support file transition to httpd_tmp_t for
temporary files
Index: fastcgi-2.5.te
===================================================================
RCS file: /cvs/pkgs/rpms/mod_fcgid/devel/fastcgi-2.5.te,v
retrieving revision 1.1
retrieving revision 1.2
diff -u -r1.1 -r1.2
--- fastcgi-2.5.te 15 Jun 2007 16:56:23 -0000 1.1
+++ fastcgi-2.5.te 3 Jan 2008 18:17:11 -0000 1.2
@@ -1,4 +1,4 @@
-policy_module(fastcgi, 0.2.0)
+policy_module(fastcgi, 0.2.1)
type httpd_fastcgi_sock_t;
files_type(httpd_fastcgi_sock_t)
@@ -10,6 +10,7 @@
type httpd_log_t;
type httpd_sys_script_exec_t;
type httpd_sys_content_t;
+ type httpd_tmp_t;
};
# ==========================================================
@@ -79,6 +80,11 @@
fs_search_auto_mountpoints(httpd_fastcgi_script_t)
+# PHP uploads a file to /tmp and then execs programs to action them
+manage_dirs_pattern(httpd_fastcgi_script_t,httpd_tmp_t,httpd_tmp_t)
+manage_files_pattern(httpd_fastcgi_script_t,httpd_tmp_t,httpd_tmp_t)
+files_tmp_filetrans(httpd_fastcgi_script_t,httpd_fastcgi_script_rw_t,{ dir file lnk_file sock_file fifo_file })
+
files_search_var_lib(httpd_fastcgi_script_t)
files_search_spool(httpd_fastcgi_script_t)
Index: fastcgi.te
===================================================================
RCS file: /cvs/pkgs/rpms/mod_fcgid/devel/fastcgi.te,v
retrieving revision 1.2
retrieving revision 1.3
diff -u -r1.2 -r1.3
--- fastcgi.te 15 Jun 2007 17:09:39 -0000 1.2
+++ fastcgi.te 3 Jan 2008 18:17:11 -0000 1.3
@@ -1,4 +1,4 @@
-policy_module(fastcgi, 0.1.7)
+policy_module(fastcgi, 0.1.8)
type httpd_fastcgi_sock_t;
files_type(httpd_fastcgi_sock_t)
@@ -10,6 +10,7 @@
type httpd_log_t;
type httpd_sys_script_exec_t;
type httpd_sys_content_t;
+ type httpd_tmp_t;
};
# ==========================================================
@@ -69,6 +70,11 @@
fs_search_auto_mountpoints(httpd_fastcgi_script_t)
+# PHP uploads a file to /tmp and then execs programs to action them
+allow httpd_fastcgi_script_t httpd_tmp_t:dir manage_dir_perms;
+allow httpd_fastcgi_script_t httpd_tmp_t:file manage_file_perms;
+files_tmp_filetrans(httpd_fastcgi_script_t,httpd_fastcgi_script_rw_t,{ dir file lnk_file sock_file fifo_file })
+
files_search_var_lib(httpd_fastcgi_script_t)
files_search_spool(httpd_fastcgi_script_t)
Index: mod_fcgid.spec
===================================================================
RCS file: /cvs/pkgs/rpms/mod_fcgid/devel/mod_fcgid.spec,v
retrieving revision 1.8
retrieving revision 1.9
diff -u -r1.8 -r1.9
--- mod_fcgid.spec 15 Sep 2007 16:01:29 -0000 1.8
+++ mod_fcgid.spec 3 Jan 2008 18:17:11 -0000 1.9
@@ -11,7 +11,7 @@
Name: mod_fcgid
Version: 2.2
-Release: 1%{?dist}
+Release: 2%{?dist}
Summary: Apache2 module for high-performance server-side scripting
Group: System Environment/Daemons
License: GPL+
@@ -157,6 +157,10 @@
%endif
%changelog
+* Thu Jan 3 2008 Paul Howarth <paul at city-fan.org> 2.2-2
+- Update SELinux policy to support file transition to httpd_tmp_t for
+ temporary files
+
* Fri Sep 14 2007 Paul Howarth <paul at city-fan.org> 2.2-1
- Update to version 2.2
- Make sure docs are encoded as UTF-8
More information about the fedora-extras-commits
mailing list