selinux-refpolicy/policy/modules/services/shibboleth.if
Christian Göttsche 3bb507efa6 Fix several misspellings
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
2020-08-13 14:08:58 +02:00

41 lines
910 B
Plaintext

## <summary>Shibboleth authentication daemon</summary>
########################################
## <summary>
## Allow your application domain to access
## config files from shibboleth
## </summary>
## <param name="domain">
## <summary>
## The domain which should be enabled.
## </summary>
## </param>
#
interface(`shibboleth_read_config',`
gen_require(`
type shibboleth_etc_t;
')
read_files_pattern($1, shibboleth_etc_t, shibboleth_etc_t)
')
########################################
## <summary>
## Allow the specified domain to connect to shibboleth with a unix socket.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`shibboleth_stream_connect',`
gen_require(`
type shibboleth_t;
type shibboleth_runtime_t;
')
stream_connect_pattern($1, shibboleth_runtime_t, shibboleth_runtime_t, shibboleth_t)
files_search_runtime($1)
')