New selinux interface needed for certmonger directory access

author: Ade Lee <alee@redhat.com> 2012-10-10 14:48:10 -0400
committer: Ade Lee <alee@redhat.com> 2012-10-10 22:57:42 -0400
commit: c7c2b6c16d1f1c337ba0779dadb49953ef6f215e (patch)
tree: 6adc2daecb648ef40dcff94aed683b7bde0ba385 /base/selinux/src/pki.if
parent: c494bd03f8f4f82a4c06457dfc301a606b89e2dc (diff)
download: pki-c7c2b6c16d1f1c337ba0779dadb49953ef6f215e.tar.gz
pki-c7c2b6c16d1f1c337ba0779dadb49953ef6f215e.tar.xz
pki-c7c2b6c16d1f1c337ba0779dadb49953ef6f215e.zip
1 files changed, 18 insertions, 0 deletions
diff --git a/base/selinux/src/pki.if b/base/selinux/src/pki.if
index 8399c4e9b..423546d1f 100644
--- a/base/selinux/src/pki.if
+++ b/base/selinux/src/pki.if
@@ -20,6 +20,24 @@ interface(`pki_rw_tomcat_cert',`
 
 ########################################
 ## <summary>
+##      Allow read and write pki cert files.
+## </summary>
+## <param name="domain">
+##      <summary>
+##      Domain allowed access.
+##      </summary>
+## </param>
+#
+interface(`pki_search_tomcat_etc_rw',`
+        gen_require(`
+                type pki_tomcat_etc_rw_t;
+        ')
+
+        search_dirs_pattern($1, pki_tomcat_etc_rw_t, pki_tomcat_etc_rw_t)
+')
+
+########################################
+## <summary>
 ##	Create a set of derived types for apache
 ##	web content.
 ## </summary>
author	Ade Lee <alee@redhat.com>	2012-10-10 14:48:10 -0400
committer	Ade Lee <alee@redhat.com>	2012-10-10 22:57:42 -0400
commit	c7c2b6c16d1f1c337ba0779dadb49953ef6f215e (patch)
tree	6adc2daecb648ef40dcff94aed683b7bde0ba385 /base/selinux/src/pki.if
parent	c494bd03f8f4f82a4c06457dfc301a606b89e2dc (diff)
download	pki-c7c2b6c16d1f1c337ba0779dadb49953ef6f215e.tar.gz pki-c7c2b6c16d1f1c337ba0779dadb49953ef6f215e.tar.xz pki-c7c2b6c16d1f1c337ba0779dadb49953ef6f215e.zip