Diffstat (limited to 'src')
-rw-r--r-- | src/file/certfile.cil | 30 | ||||
-rw-r--r-- | src/misc.cil | 28 |
2 files changed, 28 insertions, 30 deletions
diff --git a/src/file/certfile.cil b/src/file/certfile.cil
index 821373e..6eda0f8 100644
--- a/src/file/certfile.cil
+++ b/src/file/certfile.cil
@@ -2,8 +2,34 @@
 ;; SPDX-License-Identifier: Unlicense
 (block cert
-
- (blockinherit .file.cert.template))
+
+ (filecon "/etc/ca-certificates" dir file_context)
+ (filecon "/etc/ca-certificates/.*" any file_context)
+
+ (filecon "/etc/ca-certificates\.conf" file file_context)
+ (filecon "/etc/ca-certificates\.conf\..*" file file_context)
+
+ (filecon "/etc/ssl" dir file_context)
+ (filecon "/etc/ssl/.*" any file_context)
+
+ (filecon "/usr/share/ca-certificates" dir file_context)
+ (filecon "/usr/share/ca-certificates/.*" any file_context)
+
+ (blockinherit .file.cert.template)
+
+ (macro conf_file_type_transition_file ((type ARG1))
+ (call .conf.file_type_transition
+ (ARG1 file dir "ca-certificates"))
+ (call .conf.file_type_transition
+ (ARG1 file dir "ssl"))
+ (call .conf.file_type_transition
+ (ARG1 file file "ca-certificates.conf"))
+ (call .conf.file_type_transition
+ (ARG1 file file "ca-certificates.conf.dpkg-new")))
+
+ (macro data_file_type_transition_file ((type ARG1))
+ (call .data.file_type_transition
+ (ARG1 file dir "ca-certificates"))))
 (in file
diff --git a/src/misc.cil b/src/misc.cil
index 67e8888..d0d6af4 100644
--- a/src/misc.cil
+++ b/src/misc.cil
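Review bot: The `(filecon "/etc/ssl/.*" any file_context)` line that now lives in `block cert` labels every path under /etc/ssl with the certificate type, which would include a private-key directory such as /etc/ssl/private unless a more specific filecon elsewhere in the policy overrides it; nothing in this hunk shows such an override. Since the commit only relocates the rules, a comment at the new site would keep that intent reviewable, for example `;; /etc/ssl/.* also matches key material under /etc/ssl; a more specific filecon must cover private keys`. Separately, `"/etc/ca-certificates\.conf\..*"` matches any suffix while the named transitions in `conf_file_type_transition_file` cover only `ca-certificates.conf` and `ca-certificates.conf.dpkg-new`, so files created under other suffixes presumably keep the parent directory's type until they are relabelled; a one-line comment stating that this is intended would help.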
@@ -3,34 +3,6 @@
 (sidcontext init (sys.id sys.role sys.subj sys.lowlow)) ;; userspace_initial_context
-(in cert
-
- (filecon "/etc/ca-certificates" dir file_context)
- (filecon "/etc/ca-certificates/.*" any file_context)
-
- (filecon "/etc/ca-certificates\.conf" file file_context)
- (filecon "/etc/ca-certificates\.conf\..*" file file_context)
-
- (filecon "/etc/ssl" dir file_context)
- (filecon "/etc/ssl/.*" any file_context)
-
- (filecon "/usr/share/ca-certificates" dir file_context)
- (filecon "/usr/share/ca-certificates/.*" any file_context)
-
- (macro conf_file_type_transition_file ((type ARG1))
- (call .conf.file_type_transition
- (ARG1 file dir "ca-certificates"))
- (call .conf.file_type_transition
- (ARG1 file dir "ssl"))
- (call .conf.file_type_transition
- (ARG1 file file "ca-certificates.conf"))
- (call .conf.file_type_transition
- (ARG1 file file "ca-certificates.conf.dpkg-new")))
-
- (macro data_file_type_transition_file ((type ARG1))
- (call .data.file_type_transition
- (ARG1 file dir "ca-certificates"))))
-
 (in cgroup
 (filecon "/sys/fs/cgroup" dir fs_context) |