add selinux policy for apache

author: Stonewall Jackson <stonewall@sacredheartsc.com> 2023-04-12 08:46:55 -0400
committer: Stonewall Jackson <stonewall@sacredheartsc.com> 2023-04-12 08:46:55 -0400
commit: 367d38818725b60988c6352a927732de5e364c44 (patch)
tree: a6b2e37bf2eb037ea12d18de90bddaa60337903e /roles/apache/vars/main.yml
parent: 01516b1b99694124173300b6e74b46fb5b121998 (diff)
download: selfhosted-367d38818725b60988c6352a927732de5e364c44.tar.gz
selfhosted-367d38818725b60988c6352a927732de5e364c44.zip
1 files changed, 10 insertions, 0 deletions
diff --git a/roles/apache/vars/main.yml b/roles/apache/vars/main.yml
index fa0a293..90bfff2 100644
--- a/roles/apache/vars/main.yml
+++ b/roles/apache/vars/main.yml
@@ -35,3 +35,13 @@ apache_gzip_types:
   - text/javascript
   - text/plain
   - text/xml
+
+apache_selinux_policy_te:
+	require {
+		type unconfined_service_t;
+		type httpd_t;
+		class key read;
+	}
+
+	#============= httpd_t ==============
+	allow httpd_t unconfined_service_t:key read;
author	Stonewall Jackson <stonewall@sacredheartsc.com>	2023-04-12 08:46:55 -0400
committer	Stonewall Jackson <stonewall@sacredheartsc.com>	2023-04-12 08:46:55 -0400
commit	367d38818725b60988c6352a927732de5e364c44 (patch)
tree	a6b2e37bf2eb037ea12d18de90bddaa60337903e /roles/apache/vars/main.yml
parent	01516b1b99694124173300b6e74b46fb5b121998 (diff)
download	selfhosted-367d38818725b60988c6352a927732de5e364c44.tar.gz selfhosted-367d38818725b60988c6352a927732de5e364c44.zip