Squashed commit of the following:

commit 3d22bd9d3e Merge: bdbf5bd 85c713c Author: Logvinov Alecksey <alecksey@yandex.ru> Date: Sun Jun 28 21:30:29 2020 +0300 Merge branch 'master' of https://gitea.alecksey.com/alecksey/globus-selinux-policy commit bdbf5bd850 Author: Logvinov Alecksey <alecksey@yandex.ru> Date: Sun Jun 28 21:29:50 2020 +0300 'fix' commit 85c713c9f4 Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 21:20:15 2020 +0300 Изменить 'README.md' commit 8d82709b23 Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 20:37:02 2020 +0300 Изменить 'globus.te' commit 7c3e06881f Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 20:31:33 2020 +0300 Изменить 'globus.te' commit d5ff7ea3a4 Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 20:27:30 2020 +0300 Изменить 'globus.te' commit 972aeff9d0 Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 20:17:19 2020 +0300 Изменить 'globus.te' commit 72edae112a Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 20:16:50 2020 +0300 Изменить 'globus.te' commit 929101387f Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 20:07:39 2020 +0300 Изменить 'globus.te' commit 8c743e94dc Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 20:05:35 2020 +0300 Изменить 'globus.te' commit 120827c4b8 Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 19:38:58 2020 +0300 Изменить 'README.md' commit 17ee554bbd Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 19:32:59 2020 +0300 Загрузить файлы '' commit 1ef7a213c0 Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 18:24:53 2020 +0300 Добавить 'globus.te' commit 0c2d5558a9 Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 18:23:05 2020 +0300 Изменить 'README.md' commit e44a60ba1a Author: Logvinov Alecksey <alecksey@noreply.example.org> Date: Sun Jun 28 18:22:55 2020 +0300 Изменить 'README.md'
2020-06-28 21:33:00 +03:00 · 2020-06-28 21:33:00 +03:00 · 94e96a604a
commit 94e96a604a
parent 12c1e19db7
2 changed files with 43 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -1,7 +1,12 @@
 # globus-selinux-policy
-curl -o globus.te https://gitea.alecksey.com/alecksey/globux-selinux-policy/master/globus.te
+## install globus-server selinux policy
 ```
 curl -o globus.te https://gitea.alecksey.com/alecksey/globus-selinux-policy/raw/branch/master/globus.te
 checkmodule -M -m -o globus.mod globus.te
 sudo semodule_package -o globus.pp -m globus.mod
 sudo semodule -i globus.pp
 rm -f globus.*
 setsebool -P domain_can_mmap_files 1
 ```
--- a/globus.te
+++ b/globus.te
@ -0,0 +1,36 @@
 module globus 1.0;
 require {
    type mysqld_port_t;
    type user_home_t;
    type tmp_t;
    type init_t;
    type httpd_t;
    type httpd_config_t;
    type smtp_port_t;
    type http_port_t;
    type public_content_rw_t;
    type unreserved_port_t;
    class tcp_socket name_connect;
    class dir { add_name create rename reparent rmdir };
    class file { append create execute execute_no_trans lock open read setattr unlink write };
 }
 #============= httpd_t =============
 allow httpd_t http_port_t:tcp_socket name_connect;
 allow httpd_t httpd_config_t:dir add_name;
 allow httpd_t httpd_config_t:file {append create};
 allow httpd_t smtp_port_t:tcp_socket name_connect;
 allow httpd_t unreserved_port_t:tcp_socket name_connect;
 #============= init_t ==============
 allow init_t mysqld_port_t:tcp_socket name_connect;
 allow init_t tmp_t:file unlink;
 allow init_t user_home_t:dir { create rename reparent rmdir };
 allow init_t user_home_t:file { append create execute execute_no_trans lock open read setattr unlink write };
 allow init_t public_content_rw_t:file execute;
 allow init_t public_content_rw_t:file { append create execute execute_no_trans lock open read setattr unlink write };