1 files changed, 3 insertions, 7 deletions
diff --git a/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-add-rules-for-var-log-symlink-apache.patch b/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-add-rules-for-var-log-symlink-apache.patch
index fb912b5..6c96e33 100644
--- a/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-add-rules-for-var-log-symlink-apache.patch
+++ b/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-add-rules-for-var-log-symlink-apache.patch
@@ -17,15 +17,11 @@ Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
 --- a/policy/modules/contrib/apache.te
 +++ b/policy/modules/contrib/apache.te
-@@ -407,10 +407,11 @@ allow httpd_t httpd_lock_t:file manage_f
+@@ -411,6 +411,7 @@ create_files_pattern(httpd_t, httpd_log_
- files_lock_filetrans(httpd_t, httpd_lock_t, { file dir })
+ append_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
- 
+ read_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
- manage_dirs_pattern(httpd_t, httpd_log_t, httpd_log_t)
- manage_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
 read_lnk_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
 +read_lnk_files_pattern(httpd_t, var_log_t, var_log_t)
 logging_log_filetrans(httpd_t, httpd_log_t, file)
 
 allow httpd_t httpd_modules_t:dir list_dir_perms;
- mmap_files_pattern(httpd_t, httpd_modules_t, httpd_modules_t)
- read_files_pattern(httpd_t, httpd_modules_t, httpd_modules_t)

diff --git a/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-add-rules-for-var-log-symlink-apache.patch b/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-add-rules-for-var-log-symlink-apache.patch index fb912b5..6c96e33 100644 --- a/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-add-rules-for-var-log-symlink-apache.patch +++ b/recipes-security/refpolicy/refpolicy-2.20170204/poky-policy-add-rules-for-var-log-symlink-apache.patch
@@ -17,15 +17,11 @@ Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
17		17
18	--- a/policy/modules/contrib/apache.te	18	--- a/policy/modules/contrib/apache.te
19	+++ b/policy/modules/contrib/apache.te	19	+++ b/policy/modules/contrib/apache.te
20	@@ -407,10 +407,11 @@ allow httpd_t httpd_lock_t:file manage_f	20	@@ -411,6 +411,7 @@ create_files_pattern(httpd_t, httpd_log_
21	files_lock_filetrans(httpd_t, httpd_lock_t, { file dir })	21	append_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
22		22	read_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
23	manage_dirs_pattern(httpd_t, httpd_log_t, httpd_log_t)
24	manage_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
25	read_lnk_files_pattern(httpd_t, httpd_log_t, httpd_log_t)	23	read_lnk_files_pattern(httpd_t, httpd_log_t, httpd_log_t)
26	+read_lnk_files_pattern(httpd_t, var_log_t, var_log_t)	24	+read_lnk_files_pattern(httpd_t, var_log_t, var_log_t)
27	logging_log_filetrans(httpd_t, httpd_log_t, file)	25	logging_log_filetrans(httpd_t, httpd_log_t, file)
28		26
29	allow httpd_t httpd_modules_t:dir list_dir_perms;	27	allow httpd_t httpd_modules_t:dir list_dir_perms;
30	mmap_files_pattern(httpd_t, httpd_modules_t, httpd_modules_t)
31	read_files_pattern(httpd_t, httpd_modules_t, httpd_modules_t)