mirror of
https://pagure.io/fedora-infra/ansible.git
synced 2026-03-24 14:00:44 +08:00
24 lines
702 B
Plaintext
24 lines
702 B
Plaintext
policy_module(nfscgi, 1.0.0)
|
|
|
|
require {
|
|
type httpd_git_script_t;
|
|
type git_script_t;
|
|
type git_system_t;
|
|
type httpd_git_content_t;
|
|
type nfs_t;
|
|
class dir { create write search add_name remove_name getattr open };
|
|
class file { create write rename setattr read open };
|
|
}
|
|
|
|
|
|
allow git_system_t httpd_git_content_t:dir { getattr read open };
|
|
allow git_system_t httpd_git_content_t:file { read open getattr };
|
|
|
|
|
|
|
|
allow httpd_git_script_t nfs_t:dir { write };
|
|
allow git_system_t httpd_git_content_t:dir { search };
|
|
allow httpd_git_script_t nfs_t:dir { create write add_name remove_name };
|
|
allow httpd_git_script_t nfs_t:file { create write rename setattr };
|
|
allow git_script_t nfs_t:file { unlink link };
|