From 1f4b7fa0d75d25f518047e77c88718ec1cc3f5bb Mon Sep 17 00:00:00 2001
From: Stefano Brivio <sbrivio@redhat.com>
Date: Mon, 28 Mar 2022 11:08:39 +0200
Subject: passt, pasta: Add examples of SELinux policy modules

These should cover any reasonably common use case in distributions.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 contrib/selinux/passt.if | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)
 create mode 100644 contrib/selinux/passt.if

(limited to 'contrib/selinux/passt.if')

diff --git a/contrib/selinux/passt.if b/contrib/selinux/passt.if
new file mode 100644
index 0000000..3ccb7f4
--- /dev/null
+++ b/contrib/selinux/passt.if
@@ -0,0 +1,17 @@
+# SPDX-License-Identifier: AGPL-3.0-or-later
+#
+# PASST - Plug A Simple Socket Transport
+#  for qemu/UNIX domain socket mode
+#
+# contrib/selinux/passt.if - SELinux profile example: Interface File for passt
+#
+# Copyright (c) 2022 Red Hat GmbH
+# Author: Stefano Brivio <sbrivio@redhat.com>
+
+interface('passt_read_data','
+	gen_require(`
+		type passt_data_t;
+	')
+	allow $1 passt_t:dir { search add_name };
+	allow $1 passt_t:file { open read getattr };
+')
-- 
cgit v1.2.3