|
@@ -1,4 +1,4 @@
|
|
|
-policy_module(acme-updater, 0.1.12)
|
|
|
+policy_module(acme-updater, 0.1.13)
|
|
|
|
|
|
#################################
|
|
|
#
|
|
@@ -9,6 +9,9 @@ type acmeupdater_t;
|
|
|
type acmeupdater_exec_t;
|
|
|
init_system_domain(acmeupdater_t, acmeupdater_exec_t)
|
|
|
|
|
|
+type acmeupdater_etc_t;
|
|
|
+files_config_file(acmeupdater_etc_t)
|
|
|
+
|
|
|
########################################
|
|
|
#
|
|
|
# Local policy
|
|
@@ -20,6 +23,8 @@ allow acmeupdater_t self:process setrlimit;
|
|
|
corecmd_exec_bin(acmeupdater_t)
|
|
|
corecmd_exec_shell(acmeupdater_t)
|
|
|
|
|
|
+read_files_pattern(acmeupdater_t, acmeupdater_etc_t, acmeupdater_etc_t)
|
|
|
+
|
|
|
miscfiles_read_localization(acmeupdater_t)
|
|
|
miscfiles_read_generic_certs(acmeupdater_t)
|
|
|
miscfiles_manage_generic_cert_files(acmeupdater_t)
|