08d32dbc2d
Same .te as sent a few days ago, but as a patch and with the other files needed. I think this is ready for inclusion. Signed-off-by: Russell Coker <russell@coker.com.au>
47 lines
991 B
Plaintext
47 lines
991 B
Plaintext
## <summary>SSL certificate requesting tool certbot AKA letsencrypt.</summary>
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute certbot/letsencrypt in the certbot
|
|
## domain.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`certbot_domtrans',`
|
|
gen_require(`
|
|
type certbot_t, certbot_exec_t;
|
|
')
|
|
|
|
domtrans_pattern($1, certbot_exec_t, certbot_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Execute certbot/letsencrypt in the certbot
|
|
## domain, and allow the specified role
|
|
## the firstboot domain.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed to transition.
|
|
## </summary>
|
|
## </param>
|
|
## <param name="role">
|
|
## <summary>
|
|
## Role allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`certbot_run',`
|
|
gen_require(`
|
|
type certbot_t;
|
|
')
|
|
|
|
certbot_domtrans($1)
|
|
role $2 types certbot_t;
|
|
')
|