Revision 96804f36
Added by Lukas Zapletal about 8 years ago
| foreman.te | ||
|---|---|---|
|
')
|
||
|
')
|
||
|
|
||
|
######################################
|
||
|
#
|
||
|
# Elasticsearch
|
||
|
#
|
||
|
|
||
|
# We carry elasticsearch policy until it is delivered to RHEL6:
|
||
|
# https://bugzilla.redhat.com/show_bug.cgi?id=1102119
|
||
|
type elasticsearch_port_t;
|
||
|
corenet_port(elasticsearch_port_t)
|
||
|
|
||
|
######################################
|
||
|
#
|
||
|
# Foreman Katello plugin
|
||
|
#
|
||
|
|
||
|
# System status (ping) controller checks for service status using sysvinit scripts
|
||
|
# This is temporary solution until https://bugzilla.redhat.com/show_bug.cgi?id=1105085
|
||
|
# is fixed.
|
||
|
init_exec_script_files(passenger_t)
|
||
|
|
||
|
ifndef(`distro_rhel7', `
|
||
|
consoletype_exec(passenger_t)
|
||
|
')
|
||
|
|
||
|
# Katello does connect to Elasticsearch services
|
||
|
allow passenger_t elasticsearch_port_t:tcp_socket name_connect;
|
||
|
|
||
|
# Katello uses certs in /etc/pki/katello for websockets
|
||
|
miscfiles_read_certs(websockify_t)
|
||
|
|
||
|
######################################
|
||
|
#
|
||
|
# Foreman Bootdisk plugin
|
||
Also available in: Unified diff
Fixes #9126 - moved Katello policy to a separate repo