|
|
@@ -1,4 +1,4 @@
|
|
|
-policy_module(php-fpm, 0.2.13)
|
|
|
+policy_module(php-fpm, 0.2.14)
|
|
|
|
|
|
########################################
|
|
|
#
|
|
|
@@ -42,10 +42,9 @@ files_type(phpfpm_var_lib_t)
|
|
|
# Local policy
|
|
|
#
|
|
|
|
|
|
-allow phpfpm_t self:capability { setuid setgid };
|
|
|
+allow phpfpm_t self:capability { setuid setgid dac_override kill };
|
|
|
allow phpfpm_t self:fifo_file { write read };
|
|
|
allow phpfpm_t self:tcp_socket { setopt getopt bind create accept listen };
|
|
|
-allow phpfpm_t self:capability kill;
|
|
|
allow phpfpm_t self:process { signal execmem };
|
|
|
allow phpfpm_t self:fifo_file getattr;
|
|
|
|
