mirror of
http://git.haproxy.org/git/haproxy.git/
synced 2024-12-21 03:00:35 +00:00
6b6a53db5f
Here's an selinux policy for haproxy. The patch is built and lightly tested with haproxy-1.3.15.7-1.fc10.i386 on Fedora9, and haproxy-1.2.18 on RHEL5.
19 lines
648 B
Plaintext
19 lines
648 B
Plaintext
This directory includes an selinux policy for haproxy. It assumes
|
|
the following file locations:
|
|
|
|
/usr/sbin/haproxy -- binary
|
|
/etc/haproxy/haproxy\.cfg -- configuration
|
|
/var/run/haproxy\.pid -- pid-file
|
|
/var/run/haproxy\.sock(.*) -- stats socket
|
|
/var/empty/haproxy -- chroot dir
|
|
|
|
To build and load it on RHEL5 you'll need the "selinux-policy-devel" package,
|
|
and from within this directory run:
|
|
|
|
make -f /usr/share/selinux/devel/Makefile
|
|
sudo semodule -i haproxy.pp
|
|
restorecon /usr/sbin/haproxy /etc/haproxy/haproxy.cfg /var/run/haproxy.pid /var/run/haproxy.sock*
|
|
|
|
|
|
Feedback to Jan-Frode Myklebust <janfrode@tanso.no> is much appreciated,
|