Project

General

Profile

« Previous | Next » 

Revision 9554703f

Added by Lukas Zapletal almost 10 years ago

Fixes #5870 - Foreman-tasks selinux policy added

View differences:

foreman-selinux-relabel
#!/bin/bash
# relabel foreman
/sbin/restorecon -rvvi /usr/share/foreman \
/sbin/restorecon -ri $* /usr/share/foreman \
/var/lib/foreman \
/var/run/foreman \
/var/log/foreman \
/etc/foreman \
/etc/puppet/node.rb \
/etc/sysconfig/foreman \
/etc/rc.d/init.d/foreman \
/etc/logrotate.d/foreman \
/etc/cron.d/foreman
/etc/sysconfig/foreman* \
/etc/rc.d/init.d/foreman* \
/etc/logrotate.d/foreman* \
/etc/cron.d/foreman* \
/usr/lib/ruby/gems/1.8/gems/passenger-* \
/usr/lib64/ruby/site_ruby/1.8/x86_64-linux/agents
# relabel SCL mod_passenger if found
[ -d /opt/rh/ruby193/ ] && /sbin/restorecon -rvvi \
# relabel SCL mod_passenger and foreman plugins if SCL is found
[ -d /opt/rh/ruby193/ ] && /sbin/restorecon -ri $* \
/opt/rh/ruby193/root/usr/share/gems/gems/passenger-* \
/opt/rh/ruby193/root/usr/lib64/gems/exts/passenger-*/agents \
/usr/lib/ruby/gems/1.8/gems/passenger-* \
/usr/lib64/ruby/site_ruby/1.8/x86_64-linux/agents
/opt/rh/ruby193/root/usr/share/gems/gems/foreman*
foreman.fc
# Foreman Hooks plugin
/usr/share/foreman/config/hooks(/.*)? gen_context(system_u:object_r:foreman_hook_t,s0)
# Foreman Tasks plugin
/usr/share/gems/gems/foreman-tasks-*/bin/foreman-tasks -- gen_context(system_u:object_r:foreman_tasks_exec_t,s0)
/opt/rh/ruby193/root/usr/share/gems/gems/foreman-tasks-.*/bin/foreman-tasks -- gen_context(system_u:object_r:foreman_tasks_exec_t,s0)
foreman.te
#
# no rules necessary
######################################
#
# Foreman Tasks plugin
#
# the plugin daemon uses daemon gem for the backround job
type foreman_tasks_exec_t;
init_daemon_domain(passenger_t, foreman_tasks_exec_t)

Also available in: Unified diff