RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

certbot: Fix lint issues. 

Signed-off-by: Chris PeBenito <pebenito@ieee.org>
This commit is contained in:
Chris PeBenito 2021-01-19 10:01:27 -05:00
parent 0f6c861dfb
commit 0179413fa3
1 changed files with 4 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
policy/modules/services/certbot.te
View File

@ -29,7 +29,7 @@ files_type(certbot_lib_t)
# Local policy
#
allow certbot_t self:fifo_file { getattr ioctl read write };
allow certbot_t self:fifo_file rw_inherited_fifo_file_perms;
allow certbot_t self:capability { chown dac_override sys_resource };
allow certbot_t self:udp_socket all_udp_socket_perms;
allow certbot_t self:tcp_socket all_tcp_socket_perms;
@ -50,9 +50,9 @@ fs_tmpfs_filetrans(certbot_t, certbot_tmpfs_t, { file })
# https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=913544
# the Debian bug report has background about python-acme and python3-openssl
allow certbot_t self:process execmem;
allow certbot_t certbot_tmp_t:file { map execute };
allow certbot_t certbot_tmpfs_t:file { map execute };
allow certbot_t certbot_runtime_t:file { map execute };
allow certbot_t certbot_tmp_t:file mmap_exec_file_perms;
allow certbot_t certbot_tmpfs_t:file mmap_exec_file_perms;
allow certbot_t certbot_runtime_t:file mmap_exec_file_perms;
logging_search_logs(certbot_t)
allow certbot_t certbot_log_t:dir manage_dir_perms;