Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Tell selinux to allow git-daemon to follow symlinks, please.

Browse source
This commit is contained in:
Ralph Bean 2016-03-21 16:03:12 +00:00
parent c5143cfbab
commit 3310672c58
2 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
roles/distgit/files/cgi-nfs.pp
View file

Binary file not shown.

8
roles/distgit/files/cgi-nfs.te
View file

@ -1,20 +1,20 @@
policy_module(nfscgi, 1.0.0) policy_module(nfscgi, 1.0.1)
require { require {
type httpd_git_script_t; type httpd_git_script_t;
type git_script_t; type git_script_t;
type git_system_t; type git_system_t;
type httpd_git_content_t; type httpd_git_content_t;
type git_user_content_t;
type nfs_t; type nfs_t;
class dir { create write search add_name remove_name getattr open }; class dir { create write search add_name remove_name getattr open };
class file { create write rename setattr read open }; class file { create write rename setattr read open };
} }
allow git_system_t httpd_git_content_t:dir { getattr read open }; allow git_system_t httpd_git_content_t:dir { getattr read open };
allow git_system_t httpd_git_content_t:file { read open getattr }; allow git_system_t httpd_git_content_t:file { read open getattr };
allow git_system_t httpd_git_content_t:lnk_file { read open getattr };
allow git_system_t git_user_content_t:lnk_file { read open getattr };
allow httpd_git_script_t nfs_t:dir { write }; allow httpd_git_script_t nfs_t:dir { write };
allow git_system_t httpd_git_content_t:dir { search }; allow git_system_t httpd_git_content_t:dir { search };