From 1f4b7fa0d75d25f518047e77c88718ec1cc3f5bb Mon Sep 17 00:00:00 2001
From: Stefano Brivio <sbrivio@redhat.com>
Date: Mon, 28 Mar 2022 11:08:39 +0200
Subject: passt, pasta: Add examples of SELinux policy modules

These should cover any reasonably common use case in distributions.

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
---
 contrib/selinux/pasta.fc | 13 +++++++++++++
 1 file changed, 13 insertions(+)
 create mode 100644 contrib/selinux/pasta.fc

(limited to 'contrib/selinux/pasta.fc')

diff --git a/contrib/selinux/pasta.fc b/contrib/selinux/pasta.fc
new file mode 100644
index 0000000..f8fa0fa
--- /dev/null
+++ b/contrib/selinux/pasta.fc
@@ -0,0 +1,13 @@
+# SPDX-License-Identifier: AGPL-3.0-or-later
+#
+# PASTA - Pack A Subtle Tap Abstraction
+#  for network namespace/tap device mode
+#
+# contrib/selinux/pasta.fc - SELinux profile example: File Context for pasta
+#
+# Copyright (c) 2022 Red Hat GmbH
+# Author: Stefano Brivio <sbrivio@redhat.com>
+
+/usr/bin/pasta(\.*)?		system_u:object_r:pasta_exec_t:s0
+/tmp/pasta\.pcap		system_u:object_r:pasta_log_t:s0
+/var/run/pasta\.pid		system_u:object_r:pasta_pid_t:s0
-- 
cgit v1.2.3