aboutsummaryrefslogtreecommitdiff
path: root/radicale-auth-ldap.te
diff options
context:
space:
mode:
Diffstat (limited to 'radicale-auth-ldap.te')
-rw-r--r--radicale-auth-ldap.te19
1 files changed, 19 insertions, 0 deletions
diff --git a/radicale-auth-ldap.te b/radicale-auth-ldap.te
new file mode 100644
index 0000000..5a125e1
--- /dev/null
+++ b/radicale-auth-ldap.te
@@ -0,0 +1,19 @@
+
+module radicale-auth-ldap 1.0;
+
+require {
+ type radicale_t;
+ type ldap_port_t;
+ type httpd_t;
+ type proc_net_t;
+ class capability net_admin;
+ class tcp_socket name_connect;
+ class file read;
+}
+
+#============= httpd_t ==============
+allow httpd_t self:capability net_admin;
+
+#============= radicale_t ==============
+allow radicale_t ldap_port_t:tcp_socket name_connect;
+allow radicale_t proc_net_t:file read;
bgstack15