+++ /dev/null
-## <summary>Tools for managing and hosting git repositories.</summary>
-
-#######################################
-## <summary>
-## Execute a domain transition to run gitosis.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed to transition.
-## </summary>
-## </param>
-#
-interface(`gitosis_domtrans',`
- gen_require(`
- type gitosis_t, gitosis_exec_t;
- ')
-
- domtrans_pattern($1, gitosis_exec_t, gitosis_t)
-')
-
-#######################################
-## <summary>
-## Execute gitosis-serve in the gitosis domain, and
-## allow the specified role the gitosis domain.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access
-## </summary>
-## </param>
-## <param name="role">
-## <summary>
-## Role allowed access.
-## </summary>
-## </param>
-#
-interface(`gitosis_run',`
- gen_require(`
- type gitosis_t;
- ')
-
- gitosis_domtrans($1)
- role $2 types gitosis_t;
-')
-
-#######################################
-## <summary>
-## Allow the specified domain to read
-## gitosis lib files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`gitosis_read_lib_files',`
- gen_require(`
- type gitosis_var_lib_t;
- ')
-
- files_search_var_lib($1)
- read_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
- read_lnk_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
- list_dirs_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
-')
-
-######################################
-## <summary>
-## Allow the specified domain to manage
-## gitosis lib files.
-## </summary>
-## <param name="domain">
-## <summary>
-## Domain allowed access.
-## </summary>
-## </param>
-#
-interface(`gitosis_manage_lib_files',`
- gen_require(`
- type gitosis_var_lib_t;
- ')
-
- files_search_var_lib($1)
- manage_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
-')
+++ /dev/null
-policy_module(gitosis, 1.2.0)
-
-########################################
-#
-# Declarations
-#
-
-type gitosis_t;
-type gitosis_exec_t;
-application_domain(gitosis_t, gitosis_exec_t)
-role system_r types gitosis_t;
-
-type gitosis_var_lib_t;
-files_type(gitosis_var_lib_t)
-
-########################################
-#
-# gitosis local policy
-#
-
-allow gitosis_t self:fifo_file rw_fifo_file_perms;
-
-exec_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
-manage_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
-manage_lnk_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
-manage_dirs_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
-
-kernel_read_system_state(gitosis_t)
-
-corecmd_exec_bin(gitosis_t)
-corecmd_exec_shell(gitosis_t)
-
-dev_read_urand(gitosis_t)
-
-files_read_etc_files(gitosis_t)
-files_read_usr_files(gitosis_t)
-files_search_var_lib(gitosis_t)
-
-miscfiles_read_localization(gitosis_t)
-
-sysnet_read_config(gitosis_t)