dnutiu/ansible-playbooks
dnutiu/ansible-playbooks
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

update playbook: add additional permission for postgres.cil

Browse source
This commit is contained in:
Denis-Cosmin Nutiu 2025-02-17 21:35:42 +02:00
parent a4959cabb1
commit 22409efefc
1 changed files with 1 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

1
peertube-server/templates/cil/postgres.cil
View file

@ -4,6 +4,7 @@
(allow process process ( capability ( chown dac_override fowner fsetid kill net_bind_service setfcap setgid setpcap setuid sys_chroot ))) (allow process process ( capability ( chown dac_override fowner fsetid kill net_bind_service setfcap setgid setpcap setuid sys_chroot )))
(allow process postgresql_port_t ( tcp_socket ( name_bind ))) (allow process postgresql_port_t ( tcp_socket ( name_bind )))
(allow container_t default_t (dir (setattr)))
(allow process default_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write ))) (allow process default_t ( dir ( add_name create getattr ioctl lock open read remove_name rmdir search setattr write )))
(allow process default_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write link))) (allow process default_t ( file ( append create getattr ioctl lock map open read rename setattr unlink write link)))
(allow process default_t ( fifo_file ( getattr read write append ioctl lock open ))) (allow process default_t ( fifo_file ( getattr read write append ioctl lock open )))