add selinux policy for gitea

2019-05-26 21:27:11 +03:00
parent 2ffcd893fe
commit 5934810d3e
5 changed files with 681 additions and 0 deletions
--- a/sec-policy/selinux-gitea/files/gitea.fc
+++ b/sec-policy/selinux-gitea/files/gitea.fc
@@ -0,0 +1,25 @@
+/usr/bin/gitea		--	gen_context(system_u:object_r:gitea_exec_t,s0)
+
+/etc/gitea(/.*)?		gen_context(system_u:object_r:gitea_conf_t,s0)
+
+/var/lib/gitea(/.*)?		gen_context(system_u:object_r:gitea_var_lib_t,s0)
+
+/var/lib/gitea/.gitconfig	--	gen_context(system_u:object_r:gitea_repo_t,s0)
+
+/var/lib/gitea/conf(/.*)?            gen_context(system_u:object_r:gitea_conf_t,s0)
+
+/var/lib/gitea/gitea-repositories		gen_context(system_u:object_r:gitea_repo_home_t,s0)
+
+/var/lib/gitea/gitea-repositories/[^/]*               gen_context(system_u:object_r:gitea_repo_owner_t,s0)
+
+/var/lib/gitea/gitea-repositories/.*/.*\.git(/.*)?		gen_context(system_u:object_r:gitea_repo_t,s0)
+
+/var/lib/gitea/gitea-repositories/.*/.*\.git/objects(/.*)?	gen_context(system_u:object_r:gitea_repo_obj_t,s0)
+
+/var/lib/gitea/gitea-repositories/.*/.*\.git/hooks(/.*)?	gen_context(system_u:object_r:gitea_repo_script_exec_t,s0)
+
+/var/log/gitea(/.*)?		gen_context(system_u:object_r:gitea_log_t,s0)
+
+/var/run/gitea(/.*)?		gen_context(system_u:object_r:gitea_var_run_t,s0)
+
+/var/run/gitea.pid	--      gen_context(system_u:object_r:gitea_var_run_t,s0)