0c42326204
There's no reason to use wildcards, and we don't want any similarly-named binary (not that I'm aware of any) to risk being associated to passt_exec_t and pasta_exec_t by accident. Signed-off-by: Stefano Brivio <sbrivio@redhat.com> Reviewed-by: Richard W.M. Jones <rjones@redhat.com>
14 lines
492 B
Text
14 lines
492 B
Text
# SPDX-License-Identifier: GPL-2.0-or-later
|
|
#
|
|
# PASTA - Pack A Subtle Tap Abstraction
|
|
# for network namespace/tap device mode
|
|
#
|
|
# contrib/selinux/pasta.fc - SELinux profile: File Context for pasta
|
|
#
|
|
# Copyright (c) 2022 Red Hat GmbH
|
|
# Author: Stefano Brivio <sbrivio@redhat.com>
|
|
|
|
/usr/bin/pasta system_u:object_r:pasta_exec_t:s0
|
|
/usr/bin/pasta.avx2 system_u:object_r:pasta_exec_t:s0
|
|
/tmp/pasta\.pcap system_u:object_r:pasta_log_t:s0
|
|
/var/run/pasta\.pid system_u:object_r:pasta_pid_t:s0
|