Bug 230794 - Please include /var/spool/viewvc in policy
Summary: Please include /var/spool/viewvc in policy
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2007-03-02 22:15 UTC by Bojan Smojver
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version: 2.5.10-2
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2007-03-30 01:29:24 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Bojan Smojver 2007-03-02 22:15:21 UTC 
Description of problem:

A viewvc package is under review (bug #230512) right now and it would be best if
instead of having a -selinux subpackage, we could get that line into file
contexts of regular policy.

We'd need this to be:

/var/spool/viewvc(/.*)?    system_u:object_r:httpd_sys_script_rw_t:s0

Version-Release number of selected component (if applicable):
2.5.6-1.fc7
Comment 1 Daniel Walsh 2007-03-20 16:02:00 UTC 
Fixed in selinux-policy-2.5.9-1.fc7
Comment 2 Bojan Smojver 2007-03-21 20:09:32 UTC 
Thanks for that. BTW, the tarball (serefpolicy-2.5.9.tgz) in the source RPM
contains an invalid link:

policy/.#global_tunables -> dwalsh.devel.redhat.com.10978:1171893475

Not sure if that's there on purpose...
Comment 3 Bojan Smojver 2007-03-21 20:44:00 UTC 
A stupid question: where in the selinux-policy source RPM can I find references
to viewvc? I greped the whole thing but couldn't see anything. That was for -2,
which is currently in Rawhide...
Comment 4 Daniel Walsh 2007-03-23 14:33:54 UTC 
selinux-policy-2.5.9-1.fc7.src.rpm should be available.

But it looks like the latest package does not have the viewvc file context.
selinux-policy-2.5.10-1 will have it.
Comment 5 Bojan Smojver 2007-03-30 01:29:24 UTC 
This can be closed now, as it has been fixed in both development and FC6.
Note You need to log in before you can comment on or make changes to this bug.