674415 – Update man page re: httpd_sys_rw_content_t

Bug 674415 - Update man page re: httpd_sys_rw_content_t

Summary: Update man page re: httpd_sys_rw_content_t

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Fedora
Classification:	Fedora
Component:	selinux-policy
Sub Component:
Version:	14
Hardware:	All
OS:	Linux
Priority:	unspecified
Severity:	low
Target Milestone:	---
Assignee:	Miroslav Grepl
QA Contact:	Fedora Extras Quality Assurance
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2011-02-01 19:56 UTC by Matthew Gillen
Modified:	2011-02-03 20:26 UTC (History)
CC List:	2 users (show)
Fixed In Version:	selinux-policy-3.9.7-28.fc14
Doc Type:	Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed:	2011-02-03 20:26:27 UTC
Type:	---
Dependent Products:

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Matthew Gillen 2011-02-01 19:56:11 UTC

Description of problem:
The man page for httpd_selinux incorrectly states that one should use  httpd_sys_content_rw_t for scripts and the daemon to have read/write on a file or directory.  The correct value to use is httpd_sys_rw_content_t (note the location of 'rw' in the string).

It's not a huge deal, since restorecon seems to map the files to the correct (new) values.  However, it seems to make restorecon do more work, since successive 'restorecon -v' invocations will repeatedly print out 'reset' messages.

Version-Release number of selected component (if applicable):
selinux-policy-3.9.7-25.fc14.noarch

Steps to Reproduce:
1.  man httpd_selinux; find httpd_sys_content_rw_t value
2.  semanage fcontext -a -t httpd_sys_content_rw_t "/somedir"
3.  restorecon -v /somedir
4.  restorecon -v /somedir
  
Actual results:
Step 3.  restorecon -v /somedir
   -> restorecon reset /somedir context system_u:object_r:httpd_sys_rw_content_t:s0->system_u:object_r:httpd_sys_content_rw_t:s0
Step 4.  restorecon -v /somedir
   -> restorecon reset /somedir context system_u:object_r:httpd_sys_rw_content_t:s0->system_u:object_r:httpd_sys_content_rw_t:s0

Expected results:
Step 3.  restorecon -v /somedir
   -> restorecon reset /somedir context system_u:object_r:httpd_sys_rw_content_t:s0->system_u:object_r:httpd_sys_content_rw_t:s0
Step 4.  restorecon -v /somedir
  -> (no output)

Comment 1 Daniel Walsh 2011-02-01 22:10:39 UTC

Miroslav I fixed this in Rawhide, can you back port to F13/F14

Comment 2 Miroslav Grepl 2011-02-02 09:44:16 UTC

Fixed in selinux-policy-3.9.7-28.fc14

Comment 3 Fedora Update System 2011-02-02 12:58:14 UTC

selinux-policy-3.9.7-28.fc14 has been submitted as an update for Fedora 14.
https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-28.fc14

Comment 4 Fedora Update System 2011-02-02 19:31:27 UTC

selinux-policy-3.9.7-28.fc14 has been pushed to the Fedora 14 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update selinux-policy'.  You can provide feedback for this update here: https://admin.fedoraproject.org/updates/selinux-policy-3.9.7-28.fc14

Comment 5 Fedora Update System 2011-02-03 20:25:35 UTC

selinux-policy-3.9.7-28.fc14 has been pushed to the Fedora 14 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.