diff options
author | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-04-12 09:00:58 -0400 |
---|---|---|
committer | Stonewall Jackson <stonewall@sacredheartsc.com> | 2023-04-12 09:00:58 -0400 |
commit | 7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6 (patch) | |
tree | 77ea323657f8f42c127e8b893aae8710520ecee7 /roles/ttrss/vars | |
parent | 680203a22ae30916b964ebaf2b3053716c5f6869 (diff) | |
download | selfhosted-7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6.tar.gz selfhosted-7e4cfba29e7a75a0bc8efa6d07a69eb98d641ce6.zip |
ttrss: move selinux hack from apache to ttrss role
Diffstat (limited to 'roles/ttrss/vars')
-rw-r--r-- | roles/ttrss/vars/main.yml | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/roles/ttrss/vars/main.yml b/roles/ttrss/vars/main.yml index 96bdca4..788008d 100644 --- a/roles/ttrss/vars/main.yml +++ b/roles/ttrss/vars/main.yml @@ -44,3 +44,13 @@ ttrss_apache_config: | ErrorDocument 401 /index.php?noext=1 </If> </LocationMatch> + +ttrss_selinux_policy_te: | + require { + type unconfined_service_t; + type httpd_t; + class key { read view write }; + } + + #============= httpd_t ============== + allow httpd_t unconfined_service_t:key { read view write }; |