diff options
| author | Ralph Bean <rbean@redhat.com> | 2014-10-03 14:39:57 +0000 |
|---|---|---|
| committer | Ralph Bean <rbean@redhat.com> | 2014-10-03 14:39:57 +0000 |
| commit | 140f41791672db7be1296d161d95306ef4b12a4a (patch) | |
| tree | d4aad0c18593ed25d4b2bc526f8ac5a8a23b920f /roles/anitya/fedmsg/files | |
| parent | 3e93b02f8fb6a0208a6ee5deab63a0ab0d25a4a2 (diff) | |
| download | ansible-140f41791672db7be1296d161d95306ef4b12a4a.tar.gz ansible-140f41791672db7be1296d161d95306ef4b12a4a.tar.xz ansible-140f41791672db7be1296d161d95306ef4b12a4a.zip | |
First stab at reorganizing fedmsg for anitya into its own bus.
Diffstat (limited to 'roles/anitya/fedmsg/files')
| -rw-r--r-- | roles/anitya/fedmsg/files/selinux/fedmsg.mod | bin | 0 -> 1158 bytes | |||
| -rw-r--r-- | roles/anitya/fedmsg/files/selinux/fedmsg.pp | bin | 0 -> 1174 bytes | |||
| -rw-r--r-- | roles/anitya/fedmsg/files/selinux/fedmsg.te | 21 |
3 files changed, 21 insertions, 0 deletions
diff --git a/roles/anitya/fedmsg/files/selinux/fedmsg.mod b/roles/anitya/fedmsg/files/selinux/fedmsg.mod Binary files differnew file mode 100644 index 000000000..25e47ae69 --- /dev/null +++ b/roles/anitya/fedmsg/files/selinux/fedmsg.mod diff --git a/roles/anitya/fedmsg/files/selinux/fedmsg.pp b/roles/anitya/fedmsg/files/selinux/fedmsg.pp Binary files differnew file mode 100644 index 000000000..17a25943f --- /dev/null +++ b/roles/anitya/fedmsg/files/selinux/fedmsg.pp diff --git a/roles/anitya/fedmsg/files/selinux/fedmsg.te b/roles/anitya/fedmsg/files/selinux/fedmsg.te new file mode 100644 index 000000000..6ce38d40f --- /dev/null +++ b/roles/anitya/fedmsg/files/selinux/fedmsg.te @@ -0,0 +1,21 @@ + +module fedmsg 1.1; + +require { + type anon_inodefs_t; + type httpd_t; + class file write; +} + +require { + type ptmx_t; + type httpd_t; + class chr_file getattr; +} + +#============= httpd_t ============== +# For basic port binding +allow httpd_t anon_inodefs_t:file write; +# So that psutil can work from /etc/fedmsg.d/logging.py +allow httpd_t ptmx_t:chr_file getattr; + |