Sign Up
Log In
Log In
or
Sign Up
Places
All Projects
Status Monitor
Collapse sidebar
devel:tools:scm
forgejo
forgejo.if
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File forgejo.if of Package forgejo
## <summary>policy for forgejo</summary> ######################################## ## <summary> ## Execute forgejo_exec_t in the forgejo domain. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed to transition. ## </summary> ## </param> # interface(`forgejo_domtrans',` gen_require(` type forgejo_t, forgejo_exec_t; ') corecmd_search_bin($1) domtrans_pattern($1, forgejo_exec_t, forgejo_t) ') ###################################### ## <summary> ## Execute forgejo in the caller domain. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`forgejo_exec',` gen_require(` type forgejo_exec_t; ') corecmd_search_bin($1) can_exec($1, forgejo_exec_t) ') ######################################## ## <summary> ## Read forgejo's log files. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <rolecap/> # interface(`forgejo_read_log',` gen_require(` type forgejo_log_t; ') logging_search_logs($1) read_files_pattern($1, forgejo_log_t, forgejo_log_t) ') ######################################## ## <summary> ## Append to forgejo log files. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`forgejo_append_log',` gen_require(` type forgejo_log_t; ') logging_search_logs($1) append_files_pattern($1, forgejo_log_t, forgejo_log_t) ') ######################################## ## <summary> ## Manage forgejo log files ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`forgejo_manage_log',` gen_require(` type forgejo_log_t; ') logging_search_logs($1) manage_dirs_pattern($1, forgejo_log_t, forgejo_log_t) manage_files_pattern($1, forgejo_log_t, forgejo_log_t) manage_lnk_files_pattern($1, forgejo_log_t, forgejo_log_t) ') ######################################## ## <summary> ## Search forgejo lib directories. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`forgejo_search_lib',` gen_require(` type forgejo_var_lib_t; ') allow $1 forgejo_var_lib_t:dir search_dir_perms; files_search_var_lib($1) ') ######################################## ## <summary> ## Read forgejo lib files. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`forgejo_read_lib_files',` gen_require(` type forgejo_var_lib_t; ') files_search_var_lib($1) read_files_pattern($1, forgejo_var_lib_t, forgejo_var_lib_t) ') ######################################## ## <summary> ## Manage forgejo lib files. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`forgejo_manage_lib_files',` gen_require(` type forgejo_var_lib_t; ') files_search_var_lib($1) manage_files_pattern($1, forgejo_var_lib_t, forgejo_var_lib_t) ') ######################################## ## <summary> ## Manage forgejo lib directories. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`forgejo_manage_lib_dirs',` gen_require(` type forgejo_var_lib_t; ') files_search_var_lib($1) manage_dirs_pattern($1, forgejo_var_lib_t, forgejo_var_lib_t) ') ######################################## ## <summary> ## All of the rules required to administrate ## an forgejo environment ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> ## <param name="role"> ## <summary> ## Role allowed access. ## </summary> ## </param> ## <rolecap/> # interface(`forgejo_admin',` gen_require(` type forgejo_t; type forgejo_log_t; type forgejo_var_lib_t; ') allow $1 forgejo_t:process { signal_perms }; ps_process_pattern($1, forgejo_t) tunable_policy(`deny_ptrace',`',` allow $1 forgejo_t:process ptrace; ') logging_search_logs($1) admin_pattern($1, forgejo_log_t) files_search_var_lib($1) admin_pattern($1, forgejo_var_lib_t) optional_policy(` systemd_passwd_agent_exec($1) systemd_read_fifo_file_passwd_run($1) ') ')
Locations
Projects
Search
Status Monitor
Help
OpenBuildService.org
Documentation
API Documentation
Code of Conduct
Contact
Support
@OBShq
Terms
openSUSE Build Service is sponsored by
The Open Build Service is an
openSUSE project
.
Sign Up
Log In
Places
Places
All Projects
Status Monitor