Fix fcontext for /srv/springboot/...{conf,keys} (#77)

Solves #76 Signed-off-by: Hubert Quarantel-Colombani <[email protected]>
lhqg · Nov 11, 2023 · 731ca8a · 731ca8a
1 parent e502649
commit 731ca8a
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 1 deletion.
diff --git a/se_module/springboot.fc b/se_module/springboot.fc
@@ -40,6 +40,10 @@
 /srv/springboot/(.*/)?(cache|run|work)(/.*)?			gen_context(system_u:object_r:springboot_run_t,s0)
 /srv/springboot/(.*/)?dyn(lib|app)(/.*)?				gen_context(system_u:object_r:springboot_dynlib_t,s0)
 /srv/springboot/(.*/)?.*\.(so|jar)([\.p-][0-9]+)*	--	gen_context(system_u:object_r:springboot_dynlib_t,s0)
+/srv/springboot/(.*/)?(conf|properties)(/.*)?								gen_context(system_u:object_r:springboot_conf_t,s0)
+/srv/springboot/(.*/)?(conf|properties)?/.*\.(jks|jceks|p12|pkcs12)		--	gen_context(system_u:object_r:springboot_auth_t,s0)
+/srv/springboot/(.*/)?keys(/.*)?											gen_context(system_u:object_r:springboot_auth_t,s0)
+/srv/springboot/(.*/)?(lib|app)(/.*)?										gen_context(system_u:object_r:springboot_lib_t,s0)
 #
 /opt/springboot(/.*)?														gen_context(system_u:object_r:springboot_bin_t,s0)
 /opt/springboot/bin/springboot_service									--	gen_context(system_u:object_r:springboot_exec_t,s0)

diff --git a/se_module/springboot.te b/se_module/springboot.te
@@ -24,7 +24,7 @@
 #
 ############################################################################
 
-policy_module(springboot, 1.3.0)
+policy_module(springboot, 1.3.1)
 
 ########################################
 #