23 lines
702 B
Text
23 lines
702 B
Text
policy_module(nfscgi, 1.0.0)
|
|
|
|
require {
|
|
type httpd_git_script_t;
|
|
type git_script_t;
|
|
type git_system_t;
|
|
type httpd_git_content_t;
|
|
type nfs_t;
|
|
class dir { create write search add_name remove_name getattr open };
|
|
class file { create write rename setattr read open };
|
|
}
|
|
|
|
|
|
allow git_system_t httpd_git_content_t:dir { getattr read open };
|
|
allow git_system_t httpd_git_content_t:file { read open getattr };
|
|
|
|
|
|
|
|
allow httpd_git_script_t nfs_t:dir { write };
|
|
allow git_system_t httpd_git_content_t:dir { search };
|
|
allow httpd_git_script_t nfs_t:dir { create write add_name remove_name };
|
|
allow httpd_git_script_t nfs_t:file { create write rename setattr };
|
|
allow git_script_t nfs_t:file { unlink link };
|