Changes between Version 6 and Version 7 of RubyCASServer

Timestamp:

Feb 7, 2012 12:27:18 PM (13 years ago)

Author:

brose

Comment:

--

RubyCASServer

@@ -124 +124 @@
 
 require {
-        type unconfined_t;
-        type automount_t;
-        type rpcbind_t;
+        type httpd_t;
+        type mysqld_port_t;
+        type passenger_t;
         type passenger_tmp_t;
         type var_log_t;
-        type httpd_t;
-        type mysqld_port_t;
-        type rpcd_t;
-        type passenger_t;
-        class sock_file { write getattr setattr create unlink };
-        class tcp_socket { name_connect listen };
         class capability { sys_resource sys_ptrace };
         class dir { write getattr search add_name };
         class file { write getattr setattr read create open append };
+        class sock_file { write getattr setattr create unlink };
+        class tcp_socket { name_connect listen };
 }
 
@@ -146 +142 @@
 
 #============= passenger_t ==============
-allow passenger_t automount_t:dir { getattr search };
-allow passenger_t automount_t:file { read open };
-allow passenger_t httpd_t:dir { getattr search };
-allow passenger_t httpd_t:file { read open };
 allow passenger_t mysqld_port_t:tcp_socket name_connect;
 allow passenger_t passenger_tmp_t:sock_file { write create unlink getattr setattr };
-allow passenger_t rpcbind_t:dir { getattr search };
-allow passenger_t rpcbind_t:file { read open };
-allow passenger_t rpcd_t:dir { getattr search };
-allow passenger_t rpcd_t:file { read open };
 allow passenger_t self:capability { sys_resource sys_ptrace };
-allow passenger_t unconfined_t:dir { getattr search };
-allow passenger_t unconfined_t:file { read open };
 allow passenger_t var_log_t:file { getattr open append };
 }}}