Building synapse SELinux policy into the image

2025-10-08 22:03:00 -04:00
parent ac16bf3389
commit e23792990c
2 changed files with 21 additions and 0 deletions
@@ -0,0 +1,14 @@
+
+module synapse 1.0;
+
+require {
+	type httpd_t;
+	type unreserved_port_t;
+	class tcp_socket name_bind;
+}
+
+#============= httpd_t ==============
+
+#!!!! This avc can be allowed using the boolean 'nis_enabled'
+allow httpd_t unreserved_port_t:tcp_socket name_bind;
+