Bug 230794 - Please include /var/spool/viewvc in policy
Please include /var/spool/viewvc in policy
Product: Fedora
Classification: Fedora
Component: selinux-policy (Show other bugs)
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
Ben Levenson
Depends On:
  Show dependency treegraph
Reported: 2007-03-02 17:15 EST by Bojan Smojver
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 2.5.10-2
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2007-03-29 21:29:24 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Bojan Smojver 2007-03-02 17:15:21 EST
Description of problem:

A viewvc package is under review (bug #230512) right now and it would be best if
instead of having a -selinux subpackage, we could get that line into file
contexts of regular policy.

We'd need this to be:

/var/spool/viewvc(/.*)?    system_u:object_r:httpd_sys_script_rw_t:s0

Version-Release number of selected component (if applicable):
Comment 1 Daniel Walsh 2007-03-20 12:02:00 EDT
Fixed in selinux-policy-2.5.9-1.fc7
Comment 2 Bojan Smojver 2007-03-21 16:09:32 EDT
Thanks for that. BTW, the tarball (serefpolicy-2.5.9.tgz) in the source RPM
contains an invalid link:

policy/.#global_tunables -> dwalsh@redsox.boston.devel.redhat.com.10978:1171893475

Not sure if that's there on purpose...
Comment 3 Bojan Smojver 2007-03-21 16:44:00 EDT
A stupid question: where in the selinux-policy source RPM can I find references
to viewvc? I greped the whole thing but couldn't see anything. That was for -2,
which is currently in Rawhide...
Comment 4 Daniel Walsh 2007-03-23 10:33:54 EDT
selinux-policy-2.5.9-1.fc7.src.rpm should be available.

But it looks like the latest package does not have the viewvc file context.
selinux-policy-2.5.10-1 will have it.
Comment 5 Bojan Smojver 2007-03-29 21:29:24 EDT
This can be closed now, as it has been fixed in both development and FC6.

Note You need to log in before you can comment on or make changes to this bug.