blob: 5ba0dfe4f68b95c8a7623659c5052a84ac4527a8 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
|
policy_module(nfscgi, 1.0.0)
require {
type httpd_git_script_t;
type git_script_t;
type git_system_t;
type httpd_git_content_t;
type nfs_t;
class dir { create write search add_name remove_name getattr open };
class file { create write rename setattr read open };
}
allow git_system_t httpd_git_content_t:dir { getattr read open };
allow git_system_t httpd_git_content_t:file { read open getattr };
allow httpd_git_script_t nfs_t:dir { write };
allow git_system_t httpd_git_content_t:dir { search };
allow httpd_git_script_t nfs_t:dir { create write add_name remove_name };
allow httpd_git_script_t nfs_t:file { create write rename setattr };
allow git_script_t nfs_t:file { unlink link };
|
