* [PATCH] CGI scripts/PostgreSQL stream connect
@ 2008-06-23 9:23 KaiGai Kohei
2008-06-25 13:03 ` Christopher J. PeBenito
0 siblings, 1 reply; 2+ messages in thread
From: KaiGai Kohei @ 2008-06-23 9:23 UTC (permalink / raw)
To: cpebenito; +Cc: selinux
[-- Attachment #1: Type: text/plain, Size: 206 bytes --]
The attached patch allows CGI scripts to connect PostgreSQL
via unix domain socket, as MySQL doing.
Please apply it.
Thanks,
--
OSS Platform Development Division, NEC
KaiGai Kohei <kaigai@ak.jp.nec.com>
[-- Attachment #2: refpolicy-cgi-pgsql-stream.patch --]
[-- Type: text/x-patch, Size: 614 bytes --]
Index: refpolicy/policy/modules/services/apache.te
===================================================================
--- refpolicy/policy/modules/services/apache.te (revision 2727)
+++ refpolicy/policy/modules/services/apache.te (working copy)
@@ -559,6 +559,10 @@
')
optional_policy(`
+ postgresql_stream_connect(httpd_php_t)
+')
+
+optional_policy(`
nis_use_ypbind(httpd_php_t)
')
@@ -703,6 +707,10 @@
mysql_rw_db_sockets(httpd_sys_script_t)
')
+optional_policy(`
+ postgresql_stream_connect(httpd_sys_script_t)
+')
+
########################################
#
# httpd_rotatelogs local policy
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: [PATCH] CGI scripts/PostgreSQL stream connect
2008-06-23 9:23 [PATCH] CGI scripts/PostgreSQL stream connect KaiGai Kohei
@ 2008-06-25 13:03 ` Christopher J. PeBenito
0 siblings, 0 replies; 2+ messages in thread
From: Christopher J. PeBenito @ 2008-06-25 13:03 UTC (permalink / raw)
To: KaiGai Kohei; +Cc: selinux
On Mon, 2008-06-23 at 18:23 +0900, KaiGai Kohei wrote:
> The attached patch allows CGI scripts to connect PostgreSQL
> via unix domain socket, as MySQL doing.
Merged.
>
>
>
>
>
> differences
> between files
> attachment
> (refpolicy-cgi-pgsql-stream.patch)
>
> Index: refpolicy/policy/modules/services/apache.te
> ===================================================================
> --- refpolicy/policy/modules/services/apache.te (revision 2727)
> +++ refpolicy/policy/modules/services/apache.te (working copy)
> @@ -559,6 +559,10 @@
> ')
>
> optional_policy(`
> + postgresql_stream_connect(httpd_php_t)
> +')
> +
> +optional_policy(`
> nis_use_ypbind(httpd_php_t)
> ')
>
> @@ -703,6 +707,10 @@
> mysql_rw_db_sockets(httpd_sys_script_t)
> ')
>
> +optional_policy(`
> + postgresql_stream_connect(httpd_sys_script_t)
> +')
> +
> ########################################
> #
> # httpd_rotatelogs local policy
>
--
Chris PeBenito
Tresys Technology, LLC
(410) 290-1411 x150
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2008-06-25 13:04 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-06-23 9:23 [PATCH] CGI scripts/PostgreSQL stream connect KaiGai Kohei
2008-06-25 13:03 ` Christopher J. PeBenito
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.