8210ff3696
This is required to support netboot (which is off by default, but is useful together with the netboot fallback). Change-Id: I4d7640a24fac9fca2c24bc06fcedff400d74ed8d
22 lines
487 B
Plaintext
22 lines
487 B
Plaintext
module ironic_policy 1.0;
|
|
|
|
require {
|
|
type httpd_t;
|
|
type root_t;
|
|
type default_t;
|
|
class file open;
|
|
class file read;
|
|
class file getattr;
|
|
class lnk_file read;
|
|
}
|
|
|
|
|
|
#============= httpd_t ==============
|
|
|
|
allow httpd_t root_t:file open;
|
|
allow httpd_t default_t:file open;
|
|
allow httpd_t root_t:file { read getattr };
|
|
allow httpd_t default_t:file { read getattr };
|
|
allow httpd_t root_t:lnk_file read;
|
|
allow httpd_t default_t:lnk_file read;
|