http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_webalizer.patch
Webalizer does not list inotify, this was caused by leaked file descriptors in either dbus or cron. Both of which have been cleaned up.
On Fri, Aug 28, 2009 at 04:17:36PM -0400, Daniel J Walsh wrote:
> http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_webalizer.patch
>
> Webalizer does not list inotify, this was caused by leaked file descriptors in either dbus or cron. Both of which have been cleaned up.
how about we also add a miscfiles_read_public_files(webalizer_t)
Some people want to label their webroot public_content_t (for rsync and other sharing), however if they do that then webalizer can no longer access the web content.
> _______________________________________________
> refpolicy mailing list
> refpolicy at oss.tresys.com
> http://oss.tresys.com/mailman/listinfo/refpolicy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20090831/21f686e5/attachment.bin
On 08/31/2009 07:29 AM, Dominick Grift wrote:
> On Fri, Aug 28, 2009 at 04:17:36PM -0400, Daniel J Walsh wrote:
>> http://people.fedoraproject.org/~dwalsh/SELinux/F12/apps_webalizer.patch
>>
>> Webalizer does not list inotify, this was caused by leaked file descriptors in either dbus or cron. Both of which have been cleaned up.
>
> how about we also add a miscfiles_read_public_files(webalizer_t)
>
> Some people want to label their webroot public_content_t (for rsync and other sharing), however if they do that then webalizer can no longer access the web content.
>
>> _______________________________________________
>> refpolicy mailing list
>> refpolicy at oss.tresys.com
>> http://oss.tresys.com/mailman/listinfo/refpolicy
>>
>> ------------------------------------------------------------------------
>>
>> _______________________________________________
>> refpolicy mailing list
>> refpolicy at oss.tresys.com
>> http://oss.tresys.com/mailman/listinfo/refpolicy
Sounds good to me.
On Fri, 2009-08-28 at 16:17 -0400, Daniel J Walsh wrote:
> Webalizer does not list inotify, this was caused by leaked file
> descriptors in either dbus or cron. Both of which have been cleaned
> up.
Merged.
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150