summaryrefslogtreecommitdiffstats
path: root/base/selinux/src/pki.fc
diff options
context:
space:
mode:
Diffstat (limited to 'base/selinux/src/pki.fc')
-rw-r--r--base/selinux/src/pki.fc91
1 files changed, 91 insertions, 0 deletions
diff --git a/base/selinux/src/pki.fc b/base/selinux/src/pki.fc
new file mode 100644
index 000000000..3a22d86a4
--- /dev/null
+++ b/base/selinux/src/pki.fc
@@ -0,0 +1,91 @@
+
+/usr/bin/dtomcat5-pki-ca -- gen_context(system_u:object_r:pki_ca_exec_t,s0)
+
+/etc/pki-ca(/.*)? gen_context(system_u:object_r:pki_ca_etc_rw_t,s0)
+/etc/pki-ca/tomcat5.conf -- gen_context(system_u:object_r:pki_ca_tomcat_exec_t,s0)
+
+/var/lib/pki-ca(/.*)? gen_context(system_u:object_r:pki_ca_var_lib_t,s0)
+
+/var/run/pki-ca.pid gen_context(system_u:object_r:pki_ca_var_run_t,s0)
+
+/var/log/pki-ca(/.*)? gen_context(system_u:object_r:pki_ca_log_t,s0)
+
+/usr/bin/dtomcat5-pki-kra -- gen_context(system_u:object_r:pki_kra_exec_t,s0)
+
+/etc/pki-kra(/.*)? gen_context(system_u:object_r:pki_kra_etc_rw_t,s0)
+/etc/pki-kra/tomcat5.conf -- gen_context(system_u:object_r:pki_kra_tomcat_exec_t,s0)
+
+/var/lib/pki-kra(/.*)? gen_context(system_u:object_r:pki_kra_var_lib_t,s0)
+
+/var/run/pki-kra.pid gen_context(system_u:object_r:pki_kra_var_run_t,s0)
+
+/var/log/pki-kra(/.*)? gen_context(system_u:object_r:pki_kra_log_t,s0)
+
+/usr/bin/dtomcat5-pki-ocsp -- gen_context(system_u:object_r:pki_ocsp_exec_t,s0)
+
+/etc/pki-ocsp(/.*)? gen_context(system_u:object_r:pki_ocsp_etc_rw_t,s0)
+/etc/pki-ocsp/tomcat5.conf -- gen_context(system_u:object_r:pki_ocsp_tomcat_exec_t,s0)
+
+/var/lib/pki-ocsp(/.*)? gen_context(system_u:object_r:pki_ocsp_var_lib_t,s0)
+
+/var/run/pki-ocsp.pid gen_context(system_u:object_r:pki_ocsp_var_run_t,s0)
+
+/var/log/pki-ocsp(/.*)? gen_context(system_u:object_r:pki_ocsp_log_t,s0)
+
+/usr/sbin/httpd.worker -- gen_context(system_u:object_r:pki_ra_exec_t,s0)
+/etc/pki-ra(/.*)? gen_context(system_u:object_r:pki_ra_etc_rw_t,s0)
+/var/lib/pki-ra(/.*)? gen_context(system_u:object_r:pki_ra_var_lib_t,s0)
+/var/log/pki-ra(/.*)? gen_context(system_u:object_r:pki_ra_log_t,s0)
+
+
+/usr/bin/dtomcat5-pki-tks -- gen_context(system_u:object_r:pki_tks_exec_t,s0)
+
+/etc/pki-tks(/.*)? gen_context(system_u:object_r:pki_tks_etc_rw_t,s0)
+/etc/pki-tks/tomcat5.conf -- gen_context(system_u:object_r:pki_tks_tomcat_exec_t,s0)
+
+/var/lib/pki-tks(/.*)? gen_context(system_u:object_r:pki_tks_var_lib_t,s0)
+
+/var/run/pki-tks.pid gen_context(system_u:object_r:pki_tks_var_run_t,s0)
+
+/var/log/pki-tks(/.*)? gen_context(system_u:object_r:pki_tks_log_t,s0)
+
+/etc/pki-tps(/.*)? gen_context(system_u:object_r:pki_tps_etc_rw_t,s0)
+/var/lib/pki-tps(/.*)? gen_context(system_u:object_r:pki_tps_var_lib_t,s0)
+/var/log/pki-tps(/.*)? gen_context(system_u:object_r:pki_tps_log_t,s0)
+
+# default labeling for nCipher
+/opt/nfast/scripts/init.d/(.*) gen_context(system_u:object_r:initrc_exec_t, s0)
+/opt/nfast/sbin/init.d-ncipher gen_context(system_u:object_r:initrc_exec_t, s0)
+/opt/nfast(/.*)? gen_context(system_u:object_r:pki_common_t, s0)
+/dev/nfast(/.*)? gen_context(system_u:object_r:pki_common_dev_t, s0)
+
+# labeling for new CA under pki-cad
+
+/var/run/pki/ca(/.*)? gen_context(system_u:object_r:pki_ca_var_run_t,s0)
+/etc/sysconfig/pki/ca(/.*)? gen_context(system_u:object_r:pki_ca_etc_rw_t,s0)
+
+# labeling for new KRA under pki-krad
+
+/var/run/pki/kra(/.*)? gen_context(system_u:object_r:pki_kra_var_run_t,s0)
+/etc/sysconfig/pki/kra(/.*)? gen_context(system_u:object_r:pki_kra_etc_rw_t,s0)
+
+# labeling for new OCSP under pki-ocspd
+
+/var/run/pki/ocsp(/.*)? gen_context(system_u:object_r:pki_ocsp_var_run_t,s0)
+/etc/sysconfig/pki/ocsp(/.*)? gen_context(system_u:object_r:pki_ocsp_etc_rw_t,s0)
+
+# labeling for new TKS under pki-tksd
+
+/var/run/pki/tks(/.*)? gen_context(system_u:object_r:pki_tks_var_run_t,s0)
+/etc/sysconfig/pki/tks(/.*)? gen_context(system_u:object_r:pki_tks_etc_rw_t,s0)
+
+# labeling for new RA under pki-rad
+
+/var/run/pki/ra(/.*)? gen_context(system_u:object_r:pki_ra_var_run_t,s0)
+/etc/sysconfig/pki/ra(/.*)? gen_context(system_u:object_r:pki_ra_etc_rw_t,s0)
+
+# labeling for new TPS under pki-tpsd
+
+/var/run/pki/tps(/.*)? gen_context(system_u:object_r:pki_tps_var_run_t,s0)
+/etc/sysconfig/pki/tps(/.*)? gen_context(system_u:object_r:pki_tps_etc_rw_t,s0)
+
generated by cgit (git 2.34.1) at 2024-05-04 20:04:06 +0000