diff options
author | Ade Lee <alee@redhat.com> | 2012-10-10 00:16:57 -0400 |
---|---|---|
committer | Ade Lee <alee@redhat.com> | 2012-10-10 00:34:12 -0400 |
commit | c494bd03f8f4f82a4c06457dfc301a606b89e2dc (patch) | |
tree | c69a1e6c273faebc677d04f558c9c0c63b23ff04 /base/selinux/src/pki.if | |
parent | 5ef10ba9a3702d1dc2289f7fa163e8989370d2b1 (diff) | |
download | pki-c494bd03f8f4f82a4c06457dfc301a606b89e2dc.tar.gz pki-c494bd03f8f4f82a4c06457dfc301a606b89e2dc.tar.xz pki-c494bd03f8f4f82a4c06457dfc301a606b89e2dc.zip |
Added pki_tomcat_cert_t type and interface to access it
Added permissions to certmonger to access the certdb. Also added
some missing selinux permissions for pki_tomcat_t
Diffstat (limited to 'base/selinux/src/pki.if')
-rw-r--r-- | base/selinux/src/pki.if | 17 |
1 files changed, 17 insertions, 0 deletions
diff --git a/base/selinux/src/pki.if b/base/selinux/src/pki.if index e2392634e..8399c4e9b 100644 --- a/base/selinux/src/pki.if +++ b/base/selinux/src/pki.if @@ -1,5 +1,22 @@ ## <summary>policy for pki</summary> +######################################## +## <summary> +## Allow read and write pki cert files. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`pki_rw_tomcat_cert',` + gen_require(` + type pki_tomcat_cert_t; + ') + + rw_files_pattern($1, pki_tomcat_cert_t, pki_tomcat_cert_t) +') ######################################## ## <summary> |