From: JensNeuhalfen@gmx.de (Jens Neuhalfen)
Date: Mon, 18 Aug 2008 17:12:50 +0200
Subject: [refpolicy] SeLinux policy for git-daemon
Message-ID: <1219072370.15402.6.camel@desktop.local.neuhalfen.name>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

Hi,

I just wanted to let  you know, that I wrote an SeLinux policy for the
git daemon. If anyone could be so kind and comment on my draft? You can
find it here: git://www.neuhalfen.name/git-selinux.git

Beware: This is the whole git-repository, roughly 25MB

FYI: The post below went to the git mailinglist, so there are a few
posts as well.

Jens

-------- Forwarded Message --------
> From: Jens Neuhalfen <JensNeuhalfen@gmx.de>
> To: git at vger.kernel.org
> Subject: SeLinux integration
> Date: 	Sun, 17 Aug 2008 12:44:22 +0200
> 
> Hi,
> 
> I  wrote an SeLinux policy and an init.d script  for the git-daemon  
> and now seek for comments and improvements.
> 
> The scripts were tested on my Centos 5.2 box  and an older version had  
> been tested on FC 9.
> 
>   Features:
>     * multiple configuration files for the init.d script
>     * selinux support for git daemon
>     * seboolean (git_daemon_update_repository) that forces git-daemon  
> into strict read-only mode when set to false
> 
> TODO
>   * The policy and the accompanying init.d script still lack  
> documentation
>   * see selinux/BUGS and initd/BUGS
> 
> Feel free to pull from my repository and comment. If the everything is  
> 'good' I will send patches to the list, so that SeLinux support can be  
> integrated into the main repository.
> 
> 
>   git://www.neuhalfen.name/git-selinux.git
> 
> 
> Jens
> 
> --
> To unsubscribe from this list: send the line "unsubscribe git" in
> the body of a message to majordomo at vger.kernel.org
> More majordomo info at  http://vger.kernel.org/majordomo-info.html