From 20fa7032946f192426694fe860ae8e332b6f2722 Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Apr 05 2010 18:05:05 +0000 Subject: Whitespace fixes on Apache. --- diff --git a/policy/modules/services/apache.fc b/policy/modules/services/apache.fc index ff18506..9e39aa5 100644 --- a/policy/modules/services/apache.fc +++ b/policy/modules/services/apache.fc @@ -11,10 +11,10 @@ HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_u /etc/lighttpd(/.*)? gen_context(system_u:object_r:httpd_config_t,s0) /etc/mock/koji(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /etc/rc\.d/init\.d/httpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) -/etc/rc\.d/init\.d/lighttpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) +/etc/rc\.d/init\.d/lighttpd -- gen_context(system_u:object_r:httpd_initrc_exec_t,s0) /etc/vhosts -- gen_context(system_u:object_r:httpd_config_t,s0) -/etc/zabbix/web(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) +/etc/zabbix/web(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /srv/([^/]*/)?www(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /srv/gallery2(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) @@ -35,7 +35,7 @@ HOME_DIR/((www)|(web)|(public_html))(/.+)? gen_context(system_u:object_r:httpd_u /usr/sbin/apache(2)? -- gen_context(system_u:object_r:httpd_exec_t,s0) /usr/sbin/apache-ssl(2)? -- gen_context(system_u:object_r:httpd_exec_t,s0) /usr/sbin/httpd(\.worker)? -- gen_context(system_u:object_r:httpd_exec_t,s0) -/usr/sbin/lighttpd -- gen_context(system_u:object_r:httpd_exec_t,s0) +/usr/sbin/lighttpd -- gen_context(system_u:object_r:httpd_exec_t,s0) /usr/sbin/rotatelogs -- gen_context(system_u:object_r:httpd_rotatelogs_exec_t,s0) /usr/sbin/suexec -- gen_context(system_u:object_r:httpd_suexec_exec_t,s0) @@ -54,7 +54,7 @@ ifdef(`distro_suse', ` /usr/share/ntop/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /usr/share/openca/htdocs(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /usr/share/selinux-policy[^/]*/html(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) -/usr/share/wordpress-mu/wp-config\.php -- gen_context(system_u:object_r:httpd_sys_script_exec_t,s0) +/usr/share/wordpress-mu/wp-config\.php -- gen_context(system_u:object_r:httpd_sys_script_exec_t,s0) /usr/share/wordpress-mu/wp-content(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /usr/share/wordpress/wp-content/uploads(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) @@ -101,7 +101,7 @@ ifdef(`distro_debian', ` /var/spool/gosa(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t,s0) /var/spool/squirrelmail(/.*)? gen_context(system_u:object_r:squirrelmail_spool_t,s0) -/var/spool/viewvc(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t, s0) +/var/spool/viewvc(/.*)? gen_context(system_u:object_r:httpd_sys_rw_content_t, s0) /var/www(/.*)? gen_context(system_u:object_r:httpd_sys_content_t,s0) /var/www(/.*)?/logs(/.*)? gen_context(system_u:object_r:httpd_log_t,s0) diff --git a/policy/modules/services/apache.if b/policy/modules/services/apache.if index 7bd97c4..fa24864 100644 --- a/policy/modules/services/apache.if +++ b/policy/modules/services/apache.if @@ -119,7 +119,7 @@ template(`apache_content_template',` tunable_policy(`allow_httpd_$1_script_anon_write',` miscfiles_manage_public_files(httpd_$1_script_t) - ') + ') # Allow the web server to run scripts and serve pages tunable_policy(`httpd_builtin_scripting',` @@ -1088,7 +1088,7 @@ interface(`apache_read_tmp_files',` ######################################## ## -## Dontaudit attempts to write +## Dontaudit attempts to write ## apache tmp files. ## ## diff --git a/policy/modules/services/apache.te b/policy/modules/services/apache.te index 68c3d73..39585ec 100644 --- a/policy/modules/services/apache.te +++ b/policy/modules/services/apache.te @@ -2,14 +2,14 @@ policy_module(apache, 2.1.2) # -# NOTES: +# NOTES: # This policy will work with SUEXEC enabled as part of the Apache # configuration. However, the user CGI scripts will run under the # system_u:system_r:httpd_user_script_t. # # The user CGI scripts must be labeled with the httpd_user_script_exec_t # type, and the directory containing the scripts should also be labeled -# with these types. This policy allows the user role to perform that +# with these types. This policy allows the user role to perform that # relabeling. If it is desired that only admin role should be able to relabel # the user CGI scripts, then relabel rule for user roles should be removed. # @@ -184,7 +184,7 @@ files_lock_file(httpd_lock_t) type httpd_log_t; logging_log_file(httpd_log_t) -# httpd_modules_t is the type given to module files (libraries) +# httpd_modules_t is the type given to module files (libraries) # that come with Apache /etc/httpd/modules and /usr/lib/apache type httpd_modules_t; files_type(httpd_modules_t) @@ -337,7 +337,7 @@ manage_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t) manage_lnk_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t) manage_fifo_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t) manage_sock_files_pattern(httpd_t, httpd_tmpfs_t, httpd_tmpfs_t) -fs_tmpfs_filetrans(httpd_t, httpd_tmpfs_t,{ dir file lnk_file sock_file fifo_file }) +fs_tmpfs_filetrans(httpd_t, httpd_tmpfs_t, { dir file lnk_file sock_file fifo_file }) manage_files_pattern(httpd_t, httpd_var_lib_t, httpd_var_lib_t) files_var_lib_filetrans(httpd_t, httpd_var_lib_t, file) @@ -418,7 +418,7 @@ userdom_use_unpriv_users_fds(httpd_t) tunable_policy(`allow_httpd_anon_write',` miscfiles_manage_public_files(httpd_t) -') +') ifdef(`TODO', ` # @@ -497,7 +497,7 @@ tunable_policy(`httpd_ssi_exec',` # When the admin starts the server, the server wants to access # the TTY or PTY associated with the session. The httpd appears # to run correctly without this permission, so the permission -# are dontaudited here. +# are dontaudited here. tunable_policy(`httpd_tty_comm',` userdom_use_user_terminals(httpd_t) ',`