|
|
@@ -1,4 +1,4 @@
|
|
|
-policy_module(acme-updater, 0.1.14)
|
|
|
+policy_module(acme-updater, 0.1.15)
|
|
|
|
|
|
#################################
|
|
|
#
|
|
|
@@ -19,6 +19,7 @@ files_config_file(acmeupdater_etc_t)
|
|
|
|
|
|
allow acmeupdater_t self:capability { dac_read_search dac_override sys_resource };
|
|
|
allow acmeupdater_t self:process setrlimit;
|
|
|
+allow acmeupdater_t self:tcp_socket accept;
|
|
|
|
|
|
corecmd_exec_bin(acmeupdater_t)
|
|
|
corecmd_exec_shell(acmeupdater_t)
|
|
|
@@ -53,6 +54,13 @@ apache_domtrans(acmeupdater_t)
|
|
|
|
|
|
jabber_admin(acmeupdater_t, system_r)
|
|
|
|
|
|
+optional_policy(`
|
|
|
+ gen_require(`
|
|
|
+ type jabberd_initrc_exec_t;
|
|
|
+ ')
|
|
|
+ init_labeled_script_domtrans(acmeupdater_t, jabberd_initrc_exec_t)
|
|
|
+
|
|
|
+')
|
|
|
optional_policy(`
|
|
|
gen_require(`
|
|
|
type httpd_initrc_exec_t;
|
