From: domg472@gmail.com (Dominick Grift) Date: Sun, 18 Apr 2010 20:50:44 +0200 Subject: [refpolicy] [PATCH 1/1] Remove httpd_keytab_t from apache.fc In-Reply-To: <1271615514-6037-1-git-send-email-gizmo@giz-works.com> References: <1271615514-6037-1-git-send-email-gizmo@giz-works.com> Message-ID: <20100418185043.GB18306@localhost.localdomain> To: refpolicy@oss.tresys.com List-Id: refpolicy.oss.tresys.com On Sun, Apr 18, 2010 at 06:31:54PM +0000, Chris Richards wrote: > I cannot find any definition of httpd_keytab_t anywhere in refpolicy. > I don't know if the definition was removed somewhere and the fc was > simply not updated, or if there is supposed to be a definition that > somehow never got created, but I cannot compile refpolicy with things > as they are. > kerberos_keytab_template(httpd, httpd_t) Do you have the kerberos module included? http://oss.tresys.com/projects/refpolicy/browser/policy/modules/services/apache.te (line 546) http://oss.tresys.com/projects/refpolicy/browser/policy/modules/services/kerberos.if (line 230) > Signed-off-by: Chris Richards > --- > policy/modules/services/apache.fc | 1 - > 1 files changed, 0 insertions(+), 1 deletions(-) > > diff --git a/policy/modules/services/apache.fc b/policy/modules/services/apache.fc > index 9e39aa5..a6fcc0c 100644 > --- a/policy/modules/services/apache.fc > +++ b/policy/modules/services/apache.fc > @@ -5,7 +5,6 @@ HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_u > /etc/drupal(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) > /etc/htdig(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) > /etc/httpd(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) > -/etc/httpd/conf/keytab -- gen_context(system_u:object_r:httpd_keytab_t,s0) > /etc/httpd/logs gen_context(system_u:object_r:httpd_log_t,s0) > /etc/httpd/modules gen_context(system_u:object_r:httpd_modules_t,s0) > /etc/lighttpd(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) > -- > 1.6.4.4 > > _______________________________________________ > refpolicy mailing list > refpolicy at oss.tresys.com > http://oss.tresys.com/mailman/listinfo/refpolicy -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 198 bytes Desc: not available Url : http://oss.tresys.com/pipermail/refpolicy/attachments/20100418/51d8ce19/attachment.bin