diff options
| author | Ralph Bean <rbean@redhat.com> | 2014-03-14 15:47:11 +0000 |
|---|---|---|
| committer | Ralph Bean <rbean@redhat.com> | 2014-03-14 15:47:11 +0000 |
| commit | edbc9b21cf83f58a0409d98ca48b21f657bba479 (patch) | |
| tree | 1f8806e4c959eb956b97e258e73b65e625a90878 /roles/fedmsg/base/files | |
| parent | cd9ecb0e8bf9c753ff92211ecd79c40c6aec6e08 (diff) | |
| download | ansible-edbc9b21cf83f58a0409d98ca48b21f657bba479.tar.gz ansible-edbc9b21cf83f58a0409d98ca48b21f657bba479.tar.xz ansible-edbc9b21cf83f58a0409d98ca48b21f657bba479.zip | |
Renamespace the fedmsg module.
Diffstat (limited to 'roles/fedmsg/base/files')
| -rw-r--r-- | roles/fedmsg/base/files/selinux/fedmsg.mod | bin | 0 -> 1158 bytes | |||
| -rw-r--r-- | roles/fedmsg/base/files/selinux/fedmsg.pp | bin | 0 -> 1174 bytes | |||
| -rw-r--r-- | roles/fedmsg/base/files/selinux/fedmsg.te | 21 |
3 files changed, 21 insertions, 0 deletions
diff --git a/roles/fedmsg/base/files/selinux/fedmsg.mod b/roles/fedmsg/base/files/selinux/fedmsg.mod Binary files differnew file mode 100644 index 000000000..25e47ae69 --- /dev/null +++ b/roles/fedmsg/base/files/selinux/fedmsg.mod diff --git a/roles/fedmsg/base/files/selinux/fedmsg.pp b/roles/fedmsg/base/files/selinux/fedmsg.pp Binary files differnew file mode 100644 index 000000000..17a25943f --- /dev/null +++ b/roles/fedmsg/base/files/selinux/fedmsg.pp diff --git a/roles/fedmsg/base/files/selinux/fedmsg.te b/roles/fedmsg/base/files/selinux/fedmsg.te new file mode 100644 index 000000000..6ce38d40f --- /dev/null +++ b/roles/fedmsg/base/files/selinux/fedmsg.te @@ -0,0 +1,21 @@ + +module fedmsg 1.1; + +require { + type anon_inodefs_t; + type httpd_t; + class file write; +} + +require { + type ptmx_t; + type httpd_t; + class chr_file getattr; +} + +#============= httpd_t ============== +# For basic port binding +allow httpd_t anon_inodefs_t:file write; +# So that psutil can work from /etc/fedmsg.d/logging.py +allow httpd_t ptmx_t:chr_file getattr; + |