diff options
-rw-r--r-- | myjabberd.fc | 6 | ||||
-rwxr-xr-x | myjabberd.sh | 16 | ||||
-rw-r--r-- | myjabberd.te | 20 |
3 files changed, 42 insertions, 0 deletions
diff --git a/myjabberd.fc b/myjabberd.fc new file mode 100644 index 0000000..db5ad27 --- /dev/null +++ b/myjabberd.fc @@ -0,0 +1,6 @@ +/usr/bin/router -- gen_context(system_u:object_r:jabberd_router_exec_t,s0) +/usr/bin/sm -- gen_context(system_u:object_r:jabberd_exec_t,s0) +/usr/bin/c2s -- gen_context(system_u:object_r:jabberd_exec_t,s0) +/usr/bin/s2s -- gen_context(system_u:object_r:jabberd_exec_t,s0) + + diff --git a/myjabberd.sh b/myjabberd.sh new file mode 100755 index 0000000..f8d8a76 --- /dev/null +++ b/myjabberd.sh @@ -0,0 +1,16 @@ +#!/bin/sh -e + +DIRNAME=`dirname $0` +cd $DIRNAME +USAGE="$0 [ --update ]" +if [ `id -u` != 0 ]; then +echo 'You must be root to run this script' +exit 1 +fi + +echo "Building and Loading Policy" +set -x +make -f /usr/share/selinux/devel/Makefile +/usr/sbin/semodule -i myjabberd.pp + +/sbin/restorecon -F -R -v /usr/bin/router /usr/bin/sm /usr/bin/c2s /usr/bin/s2s diff --git a/myjabberd.te b/myjabberd.te new file mode 100644 index 0000000..15dbe67 --- /dev/null +++ b/myjabberd.te @@ -0,0 +1,20 @@ + +policy_module(myjabberd, 1.0) + +######################################## +# +# Declarations +# + +type jabberd_router_t; +type jabberd_router_exec_t; +init_daemon_domain(jabberd_router_t, jabberd_router_exec_t) + +require{ + type jabberd_exec_t; +} + +######################################## +# +# Local policy +# |