diff options
author | Miroslav Grepl <mgrepl@redhat.com> | 2010-09-07 16:23:14 +0200 |
---|---|---|
committer | Miroslav Grepl <mgrepl@redhat.com> | 2010-09-07 16:23:14 +0200 |
commit | 45688b2d50f3b0af2908565c971789e3863cfbd1 (patch) | |
tree | 2f1832f76e31389e2ea34fa67b12d140495bdde0 | |
parent | 4ce5781928a960764b2d561cd09d3d54466a0d6c (diff) | |
download | test_policy_modules-45688b2d50f3b0af2908565c971789e3863cfbd1.tar.gz test_policy_modules-45688b2d50f3b0af2908565c971789e3863cfbd1.tar.xz test_policy_modules-45688b2d50f3b0af2908565c971789e3863cfbd1.zip |
- Fixes for passenger policy
-rw-r--r-- | passenger.te | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/passenger.te b/passenger.te index 949dc89..674e348 100644 --- a/passenger.te +++ b/passenger.te @@ -40,7 +40,7 @@ optional_policy(` # Apache mod_passanger local policy # -allow passenger_t self:capability { setuid setgid dac_override }; +allow passenger_t self:capability { dac_override fsetid fowner chown setuid setgid }; allow passenger_t self:process signal; allow passenger_t self:fifo_file rw_fifo_file_perms; @@ -59,6 +59,7 @@ kernel_read_system_state(passenger_t) kernel_read_kernel_sysctls(passenger_t) corecmd_exec_bin(passenger_t) +corecmd_exec_shellpassenger_t) dev_read_urand(passenger_t) |