Skip to content

Commit

Permalink
Ignore /etc/mime.types access by Python itself
Browse files Browse the repository at this point in the history 
Discovered as part of the investigation into #9271 .

re: #9272
pulpcore-selinux needs SELinux changes for systemd Type=notify
https://pulp.plan.io/issues/9272

[noissue]
  • Loading branch information
@mikedep333
mikedep333 committed Aug 24, 2021
1 parent 2d9d443 commit 45581fd
Showing 1 changed file with 9 additions and 0 deletions.
9 changes: 9 additions & 0 deletions pulpcore.te
View file
Original file line number Diff line number Diff line change
@@ -1,5 +1,10 @@
policy_module(pulpcore, 1.2.4)

require {
type httpd_config_t;
class dir search;
}

########################################
#
# Declarations
Expand Down Expand Up @@ -141,6 +146,10 @@ miscfiles_read_generic_certs(pulpcore_t)

sysnet_read_config(pulpcore_t)

# Attempts to read the non-existent /etc/httpd/mime.types with Katello on EL7
# Occurs whenever mailcap isn't installed, which would provide /etc/mime.types
dontaudit pulpcore_server_t httpd_config_t:dir search;

optional_policy(`
gpg_exec(pulpcore_t)
')
Expand Down

0 comments on commit 45581fd

Please sign in to comment.