anvil/selinux/anvil-subnode.te.in

policy_module(anvil-subnode, 1.0.0)

########################################
#
# Declarations
#


########################################
#
# Local policy
#

# Use existing types; don't declare unless it's new.
#
require {
	type mnt_t;
	type virsh_t;
	class file { open read };
}


#============= drbd_t ==============
# drbd rules will be provided by drbd-utils package.


#============= virsh_t ==============
# Needed for virsh to access the domain XMLs under /mnt.
allow virsh_t mnt_t:file { open read };
fix(selinux): resolve distcheck errors 2024-03-07 04:29:05 +00:00			`policy_module(anvil-subnode, 1.0.0)`

			`########################################`
			`#`
			`# Declarations`
			`#`


			`########################################`
			`#`
			`# Local policy`
			`#`

			`# Use existing types; don't declare unless it's new.`
			`#`
			`require {`
			`type mnt_t;`
			`type virsh_t;`
fix(selinux): add centos-8-stream, rhel-8 specific rules 2024-04-04 20:09:12 +00:00			`class file { open read };`
fix(selinux): resolve distcheck errors 2024-03-07 04:29:05 +00:00			`}`


			`#============= drbd_t ==============`
fix(selinux): remove centos-8-stream, rhel-8 specific rules 2024-04-04 20:13:29 +00:00			`# drbd rules will be provided by drbd-utils package.`
fix(selinux): resolve distcheck errors 2024-03-07 04:29:05 +00:00

			`#============= virsh_t ==============`
fix(selinux): add centos-8-stream, rhel-8 specific rules 2024-04-04 20:09:12 +00:00			`# Needed for virsh to access the domain XMLs under /mnt.`
fix(selinux): resolve distcheck errors 2024-03-07 04:29:05 +00:00			`allow virsh_t mnt_t:file { open read };`