modify selinux policy for gitea

This commit is contained in:
Alexander Miroshnichenko 2019-05-26 21:45:23 +03:00
parent 5934810d3e
commit 17039da5e0
Signed by: alex
GPG Key ID: E93720C6C73A77F4
2 changed files with 5 additions and 13 deletions

View File

@ -1,6 +1,6 @@
AUX gitea.fc 1111 BLAKE2B 9a994a212aaf8272d0ce8f8b59b48152737c9b4a2d3a6e3a52f60cc4d9ac7049187ec4f8f1feb5ed0469d1ed1dfda744c56a14eb7455a9de04a0ba7e41fc0005 SHA512 c4511f6d42b214741ac8981d457784b9707928cc42845685063f4a7d5fc46b4cdf08616cc9ddef123f3d853bf3becb08ce22f0397c9340459ae421d9ac20046e AUX gitea.fc 1111 BLAKE2B 9a994a212aaf8272d0ce8f8b59b48152737c9b4a2d3a6e3a52f60cc4d9ac7049187ec4f8f1feb5ed0469d1ed1dfda744c56a14eb7455a9de04a0ba7e41fc0005 SHA512 c4511f6d42b214741ac8981d457784b9707928cc42845685063f4a7d5fc46b4cdf08616cc9ddef123f3d853bf3becb08ce22f0397c9340459ae421d9ac20046e
AUX gitea.if 5937 BLAKE2B 4534f09b6bdd5acbae675b2d75082a95ba1f3c5af6b1552f85552f892b2f170d8227a8fe7ae3fde9a4fe03130a0a05f839e05ff4b78d5f1fbbf80a20eb57b877 SHA512 732cb6b7de002561b673db25dd8034934b4d452ff6df1cd187051cf2f67de2d951ba4971557645b513bc39fdc7f7006d230edeaa525a9d4a7ffb226551eac66d AUX gitea.if 5937 BLAKE2B 4534f09b6bdd5acbae675b2d75082a95ba1f3c5af6b1552f85552f892b2f170d8227a8fe7ae3fde9a4fe03130a0a05f839e05ff4b78d5f1fbbf80a20eb57b877 SHA512 732cb6b7de002561b673db25dd8034934b4d452ff6df1cd187051cf2f67de2d951ba4971557645b513bc39fdc7f7006d230edeaa525a9d4a7ffb226551eac66d
AUX gitea.te 9636 BLAKE2B 976cf0df97326fae8c0ade0a99d73977b861987cd6e3e80d76120ed6ce2fc52c2483439e85a7c0a20189180a73dfe97942bd202ba00b8b3a62bba7ff68ce3b07 SHA512 d096b06c88a55b1ab73b114db4c3435b1717fdf5aaf7973467e79cc65c7ba88bd96e1271c9c2a036f561eaffda86e4a8bceb081f6d45a733f6dcf78b48f7f378 AUX gitea.te 9283 BLAKE2B ef3bb87ed7ad55d14742dd1839ac75b276d13013baada284c1ee2306e8e53280f95f850b9a0ed30284e7787e05547dcc655251e7f9760b8fd5f55349cdf81faf SHA512 6adfe20405a782e0bef40a51705ee38374c6cf938ed60354f26b2830a69229b7c2ebd19c55d37759135170445b304edf931cf4166115305b31a4548035b37ec7
DIST patchbundle-selinux-base-policy-2.20190201-r1.tar.bz2 426390 BLAKE2B 33e05e03e1e087f0bf460930f074108af5fa05688f7681ba3545530d21174be7d29e9035a7bc37e9acdbe3468680891f9865ad83188eb0f8fb9b9012252d6a1e SHA512 f2855a340f4ae7ba6c4cf0ec9445de7ca20f9fc0f11783992340ca2f073bbbf2d4999190f46f3910213dd1555e9578b3609284af6a7712b401053216c004ff7e DIST patchbundle-selinux-base-policy-2.20190201-r1.tar.bz2 426390 BLAKE2B 33e05e03e1e087f0bf460930f074108af5fa05688f7681ba3545530d21174be7d29e9035a7bc37e9acdbe3468680891f9865ad83188eb0f8fb9b9012252d6a1e SHA512 f2855a340f4ae7ba6c4cf0ec9445de7ca20f9fc0f11783992340ca2f073bbbf2d4999190f46f3910213dd1555e9578b3609284af6a7712b401053216c004ff7e
DIST refpolicy-2.20190201.tar.bz2 552750 BLAKE2B d3cbdf5c5f8480cd36173d8cfbd2f55a6ad4a9f2176883dcc19eece6059114ca8700d07f8bd318d0430da253bb9e4e6a6e03f7a7db8a7964c95b00452aaab040 SHA512 c6568b679ad1a7c5c566b55291e86ce3784ee609c0091e5d465d41055724d950180780c7eedb3413351101b9182db51c7bce1816db1a9a17b3257861363efc6e DIST refpolicy-2.20190201.tar.bz2 552750 BLAKE2B d3cbdf5c5f8480cd36173d8cfbd2f55a6ad4a9f2176883dcc19eece6059114ca8700d07f8bd318d0430da253bb9e4e6a6e03f7a7db8a7964c95b00452aaab040 SHA512 c6568b679ad1a7c5c566b55291e86ce3784ee609c0091e5d465d41055724d950180780c7eedb3413351101b9182db51c7bce1816db1a9a17b3257861363efc6e
EBUILD selinux-gitea-2.20190201-r1.ebuild 382 BLAKE2B af68863bf0e98adec89f7e5dea41dd4d81ea274a0c9f0fbd07f2c4c05ea59b4dbb8ff710862a45948810436b873b3410fa0c3b85a97b41731e7c5ac845a4cfc8 SHA512 b3e22f425b3b14b7667aa0bca51a4270b3b44c3acb7977725e6ab9c813892ba4f2af9a9d9dfe3788ce1c01e95dbacbf3d12a26a24c26d43db530b2c71c8724b7 EBUILD selinux-gitea-2.20190201-r1.ebuild 382 BLAKE2B af68863bf0e98adec89f7e5dea41dd4d81ea274a0c9f0fbd07f2c4c05ea59b4dbb8ff710862a45948810436b873b3410fa0c3b85a97b41731e7c5ac845a4cfc8 SHA512 b3e22f425b3b14b7667aa0bca51a4270b3b44c3acb7977725e6ab9c813892ba4f2af9a9d9dfe3788ce1c01e95dbacbf3d12a26a24c26d43db530b2c71c8724b7

View File

@ -289,17 +289,10 @@ manage_files_pattern(gitea_repo_script_t, gitea_repo_script_exec_t, gitea_repo_s
gitea_append_log(gitea_repo_script_t) gitea_append_log(gitea_repo_script_t)
########################################
tunable_policy(`gitea_enable_homedirs',` #
#files_search_home(gitea_bin_t) # macros required to insert to another module policies
userdom_manage_user_home_content_dirs(gitea_bin_t) #
userdom_manage_user_home_content_files(gitea_bin_t)
userdom_read_user_home_content_files(gitea_bin_t)
#xdg_read_config_files(gitea_bin_t)
#userdom_manage_user_home_content_dirs(gitea_t)
userdom_read_user_home_content_files(gitea_t)
')
optional_policy(` optional_policy(`
gen_require(` gen_require(`
type user_t; type user_t;
@ -317,6 +310,5 @@ optional_policy(`
gitea_read_tmp(ssh_keygen_t); gitea_read_tmp(ssh_keygen_t);
gitea_search_lib(sshd_t) gitea_search_lib(sshd_t)
#read_files_pattern(sshd_t, gitea_var_lib_t, gitea_var_lib_t)
') ')