- Add initial myjabberd policy

3 files changed, 42 insertions, 0 deletions

diff --git a/myjabberd.fc b/myjabberd.fc
new file mode 100644
index 0000000..db5ad27
--- /dev/null
+++ b/myjabberd.fc
@@ -0,0 +1,6 @@
+/usr/bin/router		--	gen_context(system_u:object_r:jabberd_router_exec_t,s0)
+/usr/bin/sm		--      gen_context(system_u:object_r:jabberd_exec_t,s0)
+/usr/bin/c2s		--      gen_context(system_u:object_r:jabberd_exec_t,s0)
+/usr/bin/s2s		--      gen_context(system_u:object_r:jabberd_exec_t,s0)
+
+
diff --git a/myjabberd.sh b/myjabberd.sh
new file mode 100755
index 0000000..f8d8a76
--- /dev/null
+++ b/myjabberd.sh
@@ -0,0 +1,16 @@
+#!/bin/sh -e
+
+DIRNAME=`dirname $0`
+cd $DIRNAME
+USAGE="$0 [ --update ]"
+if [ `id -u` != 0 ]; then
+echo 'You must be root to run this script'
+exit 1
+fi
+
+echo "Building and Loading Policy"
+set -x
+make -f /usr/share/selinux/devel/Makefile
+/usr/sbin/semodule -i myjabberd.pp
+
+/sbin/restorecon -F -R -v /usr/bin/router /usr/bin/sm /usr/bin/c2s /usr/bin/s2s
diff --git a/myjabberd.te b/myjabberd.te
new file mode 100644
index 0000000..15dbe67
--- /dev/null
+++ b/myjabberd.te
@@ -0,0 +1,20 @@
+
+policy_module(myjabberd, 1.0)
+
+########################################
+#
+# Declarations
+#
+
+type jabberd_router_t;
+type jabberd_router_exec_t;
+init_daemon_domain(jabberd_router_t, jabberd_router_exec_t)
+
+require{
+ type jabberd_exec_t;
+}
+
+########################################
+#
+# Local policy
+#