3bb507efa6
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
41 lines
910 B
Plaintext
41 lines
910 B
Plaintext
## <summary>Shibboleth authentication daemon</summary>
|
|
|
|
########################################
|
|
## <summary>
|
|
## Allow your application domain to access
|
|
## config files from shibboleth
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## The domain which should be enabled.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`shibboleth_read_config',`
|
|
gen_require(`
|
|
type shibboleth_etc_t;
|
|
')
|
|
|
|
read_files_pattern($1, shibboleth_etc_t, shibboleth_etc_t)
|
|
')
|
|
|
|
########################################
|
|
## <summary>
|
|
## Allow the specified domain to connect to shibboleth with a unix socket.
|
|
## </summary>
|
|
## <param name="domain">
|
|
## <summary>
|
|
## Domain allowed access.
|
|
## </summary>
|
|
## </param>
|
|
#
|
|
interface(`shibboleth_stream_connect',`
|
|
gen_require(`
|
|
type shibboleth_t;
|
|
type shibboleth_runtime_t;
|
|
')
|
|
|
|
stream_connect_pattern($1, shibboleth_runtime_t, shibboleth_runtime_t, shibboleth_t)
|
|
files_search_runtime($1)
|
|
')
|