Bug 749699 - Targeted policy should include drupal7 default contexts
Summary: Targeted policy should include drupal7 default contexts
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: selinux-policy-targeted
Version: rawhide
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
Assignee: Miroslav Grepl
QA Contact: Ben Levenson
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-10-28 00:33 UTC by Paul W. Frields
Modified: 2011-10-31 13:51 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-10-31 13:51:26 UTC
Type: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Paul W. Frields 2011-10-28 00:33:23 UTC 
Currently the targeted policy file_contexts includes:
/etc/drupal(6)?(/.*)?	system_u:object_r:httpd_sys_rw_content_t:s0
/var/lib/drupal(6)?(/.*)?	system_u:object_r:httpd_sys_rw_content_t:s0
/usr/share/drupal(6)?(/.*)?	system_u:object_r:httpd_sys_content_t:s0

This should be amended to include contexts for the drupal7 package:
/etc/drupal([67])?(/.*)?	system_u:object_r:httpd_sys_rw_content_t:s0
/var/lib/drupal([67])?(/.*)?	system_u:object_r:httpd_sys_rw_content_t:s0
/usr/share/drupal([67])?(/.*)?	system_u:object_r:httpd_sys_content_t:s0
Comment 1 Paul W. Frields 2011-10-28 00:35:00 UTC 
This bug affects F15+, hopefully we can provide the fix in all of them?
Comment 2 Daniel Walsh 2011-10-28 13:42:26 UTC 
I am willing to take a chance on.

/etc/drupal.* system_u:object_r:httpd_sys_rw_content_t:s0
/var/lib/drupal.* system_u:object_r:httpd_sys_rw_content_t:s0
/usr/share/drupal.* system_u:object_r:httpd_sys_content_t:s0

Fixed in selinux-policy-3.10.0-53.fc16

We need this for F15 and probably RHEL6 and maybe RHEL5.
Comment 3 Miroslav Grepl 2011-10-31 13:51:26 UTC 
We have this in RHEL6. Fixed in F15.
Note You need to log in before you can comment on or make changes to this bug.