diff options
author | Ade Lee <alee@redhat.com> | 2012-10-10 00:16:57 -0400 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2012-10-10 00:34:12 -0400 |
commit | c494bd03f8f4f82a4c06457dfc301a606b89e2dc (patch) | |
tree | c69a1e6c273faebc677d04f558c9c0c63b23ff04 /base/selinux/src/pki.fc | |
parent | 5ef10ba9a3702d1dc2289f7fa163e8989370d2b1 (diff) | |
download | pki-c494bd03f8f4f82a4c06457dfc301a606b89e2dc.tar.gz pki-c494bd03f8f4f82a4c06457dfc301a606b89e2dc.tar.xz pki-c494bd03f8f4f82a4c06457dfc301a606b89e2dc.zip |
Added pki_tomcat_cert_t type and interface to access it
Added permissions to certmonger to access the certdb. Also added
some missing selinux permissions for pki_tomcat_t
Diffstat (limited to 'base/selinux/src/pki.fc')
-rw-r--r-- | base/selinux/src/pki.fc | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/base/selinux/src/pki.fc b/base/selinux/src/pki.fc index 8258b67c5..20d2c79a5 100644 --- a/base/selinux/src/pki.fc +++ b/base/selinux/src/pki.fc @@ -5,6 +5,7 @@ /etc/sysconfig/pki/tomcat(/.*)? gen_context(system_u:object_r:pki_tomcat_etc_rw_t,s0) /var/log/pki gen_context(system_u:object_r:pki_log_t,s0) /usr/bin/pkidaemon gen_context(system_u:object_r:pki_tomcat_exec_t,s0) +/etc/pki/pki-tomcat/alias(/.*)? gen_context(system_u:object_r:pki_tomcat_cert_t,s0) /etc/pki-ra(/.*)? gen_context(system_u:object_r:pki_ra_etc_rw_t,s0) /var/lib/pki-ra(/.*)? gen_context(system_u:object_r:pki_ra_var_lib_t,s0) @@ -31,12 +32,20 @@ /var/lib/pki-ca(/.*)? gen_context(system_u:object_r:pki_tomcat_var_lib_t,s0) /var/run/pki-ca.pid gen_context(system_u:object_r:pki_tomcat_var_run_t,s0) /var/log/pki-ca(/.*)? gen_context(system_u:object_r:pki_tomcat_log_t,s0) +/var/lib/pki-ca/alias(/.*)? gen_context(system_u:object_r:pki_tomcat_cert_t,s0) /etc/pki-kra(/.*)? gen_context(system_u:object_r:pki_tomcat_etc_rw_t,s0) /var/lib/pki-kra(/.*)? gen_context(system_u:object_r:pki_tomcat_var_lib_t,s0) /var/run/pki-kra.pid gen_context(system_u:object_r:pki_tomcat_var_run_t,s0) /var/log/pki-kra(/.*)? gen_context(system_u:object_r:pki_tomcat_log_t,s0) +/var/lib/pki-kra/alias(/.*)? gen_context(system_u:object_r:pki_tomcat_cert_t,s0) /etc/pki-ocsp(/.*)? gen_context(system_u:object_r:pki_tomcat_etc_rw_t,s0) /var/lib/pki-ocsp(/.*)? gen_context(system_u:object_r:pki_tomcat_var_lib_t,s0) /var/run/pki-ocsp.pid gen_context(system_u:object_r:pki_tomcat_var_run_t,s0) /var/log/pki-ocsp(/.*)? gen_context(system_u:object_r:pki_tomcat_log_t,s0) +/var/lib/pki-ocsp/alias(/.*)? gen_context(system_u:object_r:pki_tomcat_cert_t,s0) +/etc/pki-tks(/.*)? gen_context(system_u:object_r:pki_tomcat_etc_rw_t,s0) +/var/lib/pki-tks(/.*)? gen_context(system_u:object_r:pki_tomcat_var_lib_t,s0) +/var/run/pki-tks.pid gen_context(system_u:object_r:pki_tomcat_var_run_t,s0) +/var/log/pki-tks(/.*)? gen_context(system_u:object_r:pki_tomcat_log_t,s0) +/var/lib/pki-tks/alias(/.*)? gen_context(system_u:object_r:pki_tomcat_cert_t,s0) |