diff options
author | Joe Orton <jorton@redhat.com> | 2017-03-24 17:05:26 +0000 |
---|---|---|
committer | Joe Orton <jorton@redhat.com> | 2017-03-24 17:05:26 +0000 |
commit | 59afc1533e764a1108136ae1aab3671632aa3797 (patch) | |
tree | c96a4c06eab35f1b17ab49aeb6939bd20ebc7911 /httpd-2.4.1-selinux.patch | |
parent | 65743a6b6ae0041e37f607da965a1c0bed53b991 (diff) | |
download | httpd-59afc1533e764a1108136ae1aab3671632aa3797.tar.gz httpd-59afc1533e764a1108136ae1aab3671632aa3797.tar.xz httpd-59afc1533e764a1108136ae1aab3671632aa3797.zip |
link only httpd, not support/* against -lselinux -lsystemd
Diffstat (limited to 'httpd-2.4.1-selinux.patch')
-rw-r--r-- | httpd-2.4.1-selinux.patch | 61 |
1 files changed, 0 insertions, 61 deletions
diff --git a/httpd-2.4.1-selinux.patch b/httpd-2.4.1-selinux.patch deleted file mode 100644 index e97c5a4..0000000 --- a/httpd-2.4.1-selinux.patch +++ /dev/null @@ -1,61 +0,0 @@ - -Log the SELinux context at startup. - -Upstream-Status: unlikely to be any interest in this upstream - ---- httpd-2.4.1/configure.in.selinux -+++ httpd-2.4.1/configure.in -@@ -458,6 +458,11 @@ fopen64 - dnl confirm that a void pointer is large enough to store a long integer - APACHE_CHECK_VOID_PTR_LEN - -+AC_CHECK_LIB(selinux, is_selinux_enabled, [ -+ AC_DEFINE(HAVE_SELINUX, 1, [Defined if SELinux is supported]) -+ APR_ADDTO(AP_LIBS, [-lselinux]) -+]) -+ - AC_CACHE_CHECK([for gettid()], ac_cv_gettid, - [AC_TRY_RUN(#define _GNU_SOURCE - #include <unistd.h> ---- httpd-2.4.1/server/core.c.selinux -+++ httpd-2.4.1/server/core.c -@@ -58,6 +58,10 @@ - #include <unistd.h> - #endif - -+#ifdef HAVE_SELINUX -+#include <selinux/selinux.h> -+#endif -+ - /* LimitRequestBody handling */ - #define AP_LIMIT_REQ_BODY_UNSET ((apr_off_t) -1) - #define AP_DEFAULT_LIMIT_REQ_BODY ((apr_off_t) 0) -@@ -4452,6 +4456,28 @@ static int core_post_config(apr_pool_t * - } - #endif - -+#ifdef HAVE_SELINUX -+ { -+ static int already_warned = 0; -+ int is_enabled = is_selinux_enabled() > 0; -+ -+ if (is_enabled && !already_warned) { -+ security_context_t con; -+ -+ if (getcon(&con) == 0) { -+ -+ ap_log_error(APLOG_MARK, APLOG_NOTICE, 0, NULL, -+ "SELinux policy enabled; " -+ "httpd running as context %s", con); -+ -+ already_warned = 1; -+ -+ freecon(con); -+ } -+ } -+ } -+#endif -+ - return OK; - } - |