X-Git-Url: http://git.ieval.ro/?p=gruntmaster-daemon.git;a=blobdiff_plain;f=selinux%2Fgruntmasterd.te;h=9bcba33fd3c9a8b48c72bfea46ede7af3c9bcf21;hp=ed878dae812ee0a9dc8016f435be89d130a320bb;hb=8a8d1a82a2a778c546569ea1e6745be4594a0ff5;hpb=6d590c603e3b14f1dc198e3635a85543565d1016

diff --git a/selinux/gruntmasterd.te b/selinux/gruntmasterd.te
index ed878da..9bcba33 100644
--- a/selinux/gruntmasterd.te
+++ b/selinux/gruntmasterd.te
@@ -26,6 +26,7 @@ type gruntmasterd_etc_t;
 type gruntmasterd_exec_t;
 type gruntmasterd_log_t;
 type gruntmasterd_tmp_t;
+type gruntmasterd_var_lib_t;
 type gruntmaster_job_t;
 type gruntmaster_job_exec_t;
 type gruntmaster_compile_t;
@@ -54,6 +55,7 @@ type_transition gruntmasterd_t gruntmaster_job_exec_t : process gruntmaster_job_
 type_transition gruntmasterd_t tmp_t : dir gruntmasterd_tmp_t;
 files_type(gruntmasterd_tmp_t)
 files_type(gruntmasterd_etc_t)
+files_type(gruntmasterd_var_lib_t)
 
 # Daemon permissions
 allow gruntmasterd_t { gruntmaster_compile_t gruntmaster_job_t } : process { sigkill siginh rlimitinh transition };
@@ -71,6 +73,7 @@ allow gruntmasterd_t tmp_t : dir { getattr write search add_name };
 gruntmaster_read(bin_t)
 gruntmaster_read(gruntmaster_compile_exec_t)
 gruntmaster_read(gruntmasterd_etc_t)
+gruntmaster_read(gruntmasterd_var_lib_t)
 gruntmaster_read(gruntmaster_job_exec_t)
 gruntmaster_read(httpd_sys_content_t)
 gruntmaster_read(lib_t)