Diffstat (limited to 'packages/google-compute-engine-oslogin/selinux/oslogin.te')
-rw-r--r--packages/google-compute-engine-oslogin/selinux/oslogin.te24
1 files changed, 24 insertions, 0 deletions
diff --git a/packages/google-compute-engine-oslogin/selinux/oslogin.te b/packages/google-compute-engine-oslogin/selinux/oslogin.te
new file mode 100644
index 0000000..381f769
--- /dev/null
+++ b/packages/google-compute-engine-oslogin/selinux/oslogin.te
@@ -0,0 +1,24 @@
+
+module oslogin 1.0;
+
+
+require {
+ attribute file_type;
+ attribute non_security_file_type;
+ type http_port_t;
+ type sshd_t;
+ class tcp_socket name_connect;
+ class file { create getattr setattr write open unlink };
+ class dir { search write remove_name add_name };
+}
+
+#============= types ==============
+
+type google_t; # defined in oslogin.fc
+typeattribute google_t file_type, non_security_file_type;
+
+#============= sshd_t ==============
+
+allow sshd_t google_t:file { create getattr setattr write open unlink };
+allow sshd_t google_t:dir { search write remove_name add_name };
+allow sshd_t http_port_t:tcp_socket name_connect;
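Review bot: The last rule, `allow sshd_t http_port_t:tcp_socket name_connect;`, widens the whole sshd_t domain rather than a dedicated helper domain, so any process running as sshd_t may open outbound TCP connections to every port labelled http_port_t; a port label cannot constrain the destination address. If the intent is only to let the OS Login lookups reach their HTTP endpoint (inferred from the package name, not shown in this hunk), say so above the rule, e.g. `# OS Login lookups from sshd need outbound HTTP; port label only, destination not constrained`, and consider moving that access into its own domain later. Separately, the comment on `type google_t; # defined in oslogin.fc` is misleading, because this line is the type declaration and a .fc file only assigns the label to paths; `# declared here; paths are labelled in oslogin.fc` would be accurate. The name `google_t` is also very generic for a type that sshd_t may create, write and unlink, so a module-prefixed name would make it harder for an unrelated path to be labelled with it later.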