smeserver-koji/selinux/koji-sign.te

24 lines
692 B
Plaintext
Raw Permalink Normal View History

2024-09-27 09:12:56 +02:00
module koji-sign 1.0;
require {
type etc_t;
type devpts_t;
type httpd_t;
type ptmx_t;
2024-09-29 03:35:32 +02:00
type rpm_var_lib_t;
2024-09-27 09:12:56 +02:00
class chr_file { getattr ioctl open read write };
class dir { add_name remove_name setattr write };
2024-09-29 03:35:32 +02:00
class file { create link map unlink write };
2024-09-27 09:12:56 +02:00
class sock_file { create getattr setattr unlink write };
}
#============= httpd_t ==============
allow httpd_t devpts_t:chr_file open;
allow httpd_t ptmx_t:chr_file { getattr ioctl open read write };
allow httpd_t etc_t:dir { add_name remove_name setattr write };
allow httpd_t etc_t:file { create link unlink write };
allow httpd_t etc_t:sock_file { create getattr setattr unlink write };
2024-09-29 03:35:32 +02:00
allow httpd_t rpm_var_lib_t:file map;