selinux labels update

selinux/dist_git.fc

@@ -1,4 +1,4 @@
 
-/var/lib/dist-git/git(/.*)? gen_context(system_u:object_r:httpd_git_content_t,s0)
-/var/lib/dist-git/cache(/.*)? gen_context(system_u:object_r:httpd_git_rw_content_t,s0)
-/var/lib/dist-git/web/upload.cgi gen_context(system_u:object_r:httpd_git_script_exec_t,s0)
+/var/lib/dist-git/git(/.*)? gen_context(system_u:object_r:git_user_content_t,s0)
+/var/lib/dist-git/cache(/.*)? gen_context(system_u:object_r:git_rw_content_t,s0)
+/var/lib/dist-git/web/upload.cgi gen_context(system_u:object_r:git_script_exec_t,s0)

selinux/dist_git.te

@@ -1,12 +1,13 @@
 policy_module(dist_git,1.0.0)
 
 
-gen_require(` type httpd_git_script_t ; ')
-type dist_git_upload_cgi_tmp_t;
-files_tmp_file(dist_git_upload_cgi_tmp_t);
-allow httpd_git_script_t dist_git_upload_cgi_tmp_t:file manage_file_perms;
-files_tmp_filetrans(httpd_git_script_t, dist_git_upload_cgi_tmp_t, file);
+require {
+    type httpd_git_script_t;
+    type git_script_tmp_t;
+}
 
+files_tmp_file(git_script_tmp_t);
+allow httpd_git_script_t git_script_tmp_t:file manage_file_perms;
 
 # Do not audit attempts to read the process state (/proc/pid) of all domains. 
 domain_read_all_domains_state(httpd_git_script_t);