File: certbot.if

package info (click to toggle)
refpolicy 2%3A2.20190201-2
  • links: PTS, VCS
  • area: main
  • in suites: buster
  • size: 11,440 kB
  • sloc: python: 1,915; makefile: 612; ansic: 336; sh: 174; sed: 20; xml: 13; awk: 7
file content (46 lines) | stat: -rw-r--r-- 991 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
 
## <summary>SSL certificate requesting tool certbot AKA letsencrypt.</summary>

########################################
## <summary>
##      Execute certbot/letsencrypt in the certbot
##      domain.
## </summary>
## <param name="domain">
##      <summary>
##      Domain allowed to transition.
##      </summary>
## </param>
#
interface(`certbot_domtrans',`
	gen_require(`
		type certbot_t, certbot_exec_t;
	')

	domtrans_pattern($1, certbot_exec_t, certbot_t)
')

########################################
## <summary>
##      Execute certbot/letsencrypt in the certbot
##      domain, and allow the specified role
##      the firstboot domain.
## </summary>
## <param name="role">
##      <summary>
##      Role allowed access.
##      </summary>
## </param>
## <param name="domain">
##      <summary>
##      Domain allowed to transition.
##      </summary>
## </param>
#
interface(`certbot_run',`
	gen_require(`
		type certbot_t;
	')

	certbot_domtrans($2)
	role $1 types certbot_t;
')