forked from pulp/pulpcore-selinux
-
Notifications
You must be signed in to change notification settings - Fork 0
/
pulpcore.fc
26 lines (22 loc) · 1.66 KB
/
pulpcore.fc
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
# label for both nginx & apache
/etc/pulp/certs(/.*)? gen_context(system_u:object_r:httpd_config_t,s0)
/etc/pulp/settings.py gen_context(system_u:object_r:pulpcore_etc_t,s0)
/etc/pulp/token_private_key.pem gen_context(system_u:object_r:pulpcore_etc_t,s0)
/etc/pulp/token_public_key.pem gen_context(system_u:object_r:pulpcore_etc_t,s0)
# The installer prior to 2020-08-20 used these 2 token paths. Clean up once dev
# instance is deleted.
/etc/pulp/private_key.pem gen_context(system_u:object_r:pulpcore_etc_t,s0)
/etc/pulp/public_key.pem gen_context(system_u:object_r:pulpcore_etc_t,s0)
/usr/libexec/pulpcore/.* -- gen_context(system_u:object_r:pulpcore_exec_t,s0)
/usr/libexec/pulpcore/gunicorn -- gen_context(system_u:object_r:pulpcore_server_exec_t,s0)
/usr/local/lib/pulp/bin/gunicorn -- gen_context(system_u:object_r:pulpcore_server_exec_t,s0)
/usr/local/lib/pulp/bin/rq -- gen_context(system_u:object_r:pulpcore_exec_t,s0)
/var/lib/pulp/(media|artifact)(/.*)? gen_context(system_u:object_r:pulpcore_var_lib_t,s0)
/var/lib/pulp/assets(/.*)? gen_context(system_u:object_r:pulpcore_var_lib_t,s0)
/var/lib/pulp/devel(/.*)? gen_context(system_u:object_r:pulpcore_var_lib_t,s0)
/var/lib/pulp/tmp(/.*)? gen_context(system_u:object_r:pulpcore_var_lib_t,s0)
/var/lib/pulp/upload(/.*)? gen_context(system_u:object_r:pulpcore_var_lib_t,s0)
/var/lib/pulp/sign-metadata.sh -- gen_context(system_u:object_r:pulpcore_var_lib_t,s0)
/var/run/pulpcore-api(/.*)? gen_context(system_u:object_r:pulpcore_server_var_run_t,s0)
/var/run/pulpcore-content(/.*)? gen_context(system_u:object_r:pulpcore_server_var_run_t,s0)
/var/run/pulpcore.* gen_context(system_u:object_r:pulpcore_var_run_t,s0)