30 lines
1.0 KiB
Diff
30 lines
1.0 KiB
Diff
From cf6c809927dfc258f44e55116556625b4ecc7b5d Mon Sep 17 00:00:00 2001
|
|
From: luhuaxin <luhuaxin1@huawei.com>
|
|
Date: Fri, 24 Jun 2022 15:03:25 +0800
|
|
Subject: [PATCH] allow httpd to put files in httpd config dir
|
|
|
|
Signed-off-by: luhuaxin <luhuaxin1@huawei.com>
|
|
---
|
|
policy/modules/contrib/apache.te | 5 ++---
|
|
1 file changed, 2 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/policy/modules/contrib/apache.te b/policy/modules/contrib/apache.te
|
|
index 0e4d4bf..b264818 100644
|
|
--- a/policy/modules/contrib/apache.te
|
|
+++ b/policy/modules/contrib/apache.te
|
|
@@ -516,9 +516,8 @@ files_var_filetrans(httpd_t, httpd_cache_t, { file dir })
|
|
allow httpd_t httpd_cache_t:file map;
|
|
|
|
# Allow the httpd_t to read the web servers config files
|
|
-allow httpd_t httpd_config_t:dir list_dir_perms;
|
|
-read_files_pattern(httpd_t, httpd_config_t, httpd_config_t)
|
|
-read_lnk_files_pattern(httpd_t, httpd_config_t, httpd_config_t)
|
|
+# and put files in /etc/httpd
|
|
+apache_manage_config(httpd_t)
|
|
allow httpd_t httpd_config_t:file map;
|
|
|
|
can_exec(httpd_t, httpd_exec_t)
|
|
--
|
|
1.8.3.1
|
|
|