nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
1cbe455a5e
selinux-refpolicy/policy/modules/services/git.fc
Christian Göttsche 86d9a00e7f git: add fcontext for default binary 
Avoid relabel loops if the helper binaries are hardlinked:

    $ restorecon -vRF -T0 /usr/libexec/
    Relabeled /usr/libexec/git-core/git from system_u:object_r:git_exec_t to system_u:object_r:bin_t
    Relabeled /usr/libexec/git-core/git-rev-parse from system_u:object_r:bin_t to system_u:object_r:git_exec_t
    Relabeled /usr/libexec/git-core/git-fsmonitor--daemon from system_u:object_r:bin_t to system_u:object_r:git_exec_t

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
2023-12-28 17:52:08 +01:00

28 lines
1.6 KiB
Plaintext
Raw Blame History

HOME_DIR/public_git(/.*)? gen_context(system_u:object_r:git_user_content_t,s0)
HOME_DIR/\.config/git(/.*)? gen_context(system_u:object_r:git_xdg_config_t,s0)
HOME_DIR/\.gitconfig -- gen_context(system_u:object_r:git_xdg_config_t,s0)
HOME_DIR/\.git-credentials -- gen_context(system_u:object_r:git_xdg_config_t,s0)
/usr/bin/git -- gen_context(system_u:object_r:git_exec_t,s0)
/usr/bin/git-[^/]+ -- gen_context(system_u:object_r:git_exec_t,s0)
/usr/bin/git2_cli -- gen_context(system_u:object_r:git_exec_t,s0)
/usr/lib/git-core/git-daemon -- gen_context(system_u:object_r:gitd_exec_t,s0)
/usr/libexec/git-core/git -- gen_context(system_u:object_r:git_exec_t,s0)
/usr/libexec/git-core/git-[^/]+ -- gen_context(system_u:object_r:git_exec_t,s0)
/usr/libexec/git-core/git-daemon -- gen_context(system_u:object_r:gitd_exec_t,s0)
/usr/share/gitweb/gitweb\.cgi -- gen_context(system_u:object_r:httpd_git_script_exec_t,s0)
/usr/share/gitweb/static(/.*)? gen_context(system_u:object_r:httpd_git_content_t,s0)
/var/cache/cgit(/.*)? gen_context(system_u:object_r:httpd_git_rw_content_t,s0)
/var/cache/gitweb-caching(/.*)? gen_context(system_u:object_r:httpd_git_rw_content_t,s0)
/var/lib/git(/.*)? gen_context(system_u:object_r:git_sys_content_t,s0)
/var/www/cgi-bin/cgit -- gen_context(system_u:object_r:httpd_git_script_exec_t,s0)
/var/www/git(/.*)? gen_context(system_u:object_r:httpd_git_content_t,s0)
/var/www/git/gitweb\.cgi -- gen_context(system_u:object_r:httpd_git_script_exec_t,s0)
/var/www/gitweb-caching/gitweb\.cgi -- gen_context(system_u:object_r:httpd_git_script_exec_t,s0)
Reference in New Issue View Git Blame Copy Permalink