|
|
1ec3d1a |
## <summary>Ruby on rails deployment for Apache and Nginx servers.</summary>
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
######################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Execute passenger in the passenger domain.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed to transition.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`passenger_domtrans',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type passenger_t, passenger_exec_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
domtrans_pattern($1, passenger_exec_t, passenger_t)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
######################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Execute passenger in the current domain.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed to transition.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`passenger_exec',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type passenger_exec_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
can_exec($1, passenger_exec_t)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
d313338 |
#######################################
|
|
|
d313338 |
## <summary>
|
|
|
d313338 |
## Getattr passenger log files
|
|
|
d313338 |
## </summary>
|
|
|
d313338 |
## <param name="domain">
|
|
|
d313338 |
## <summary>
|
|
|
d313338 |
## Domain allowed access.
|
|
|
d313338 |
## </summary>
|
|
|
d313338 |
## </param>
|
|
|
d313338 |
#
|
|
|
d313338 |
interface(`passenger_getattr_log_files',`
|
|
|
d313338 |
gen_require(`
|
|
|
d313338 |
type passenger_log_t;
|
|
|
d313338 |
')
|
|
|
d313338 |
|
|
|
d313338 |
getattr_files_pattern($1, passenger_log_t, passenger_log_t)
|
|
|
d313338 |
')
|
|
|
d313338 |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Read passenger lib files
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`passenger_read_lib_files',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type passenger_var_lib_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
read_files_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
|
|
|
1ec3d1a |
read_lnk_files_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
|
|
|
1ec3d1a |
files_search_var_lib($1)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
########################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Manage passenger lib files
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`passenger_manage_lib_files',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type passenger_var_lib_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
manage_dirs_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
|
|
|
1ec3d1a |
manage_files_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
|
|
|
1ec3d1a |
manage_lnk_files_pattern($1, passenger_var_lib_t, passenger_var_lib_t)
|
|
|
1ec3d1a |
files_search_var_lib($1)
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
#####################################
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Manage passenger var_run content.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## <param name="domain">
|
|
|
1ec3d1a |
## <summary>
|
|
|
1ec3d1a |
## Domain allowed access.
|
|
|
1ec3d1a |
## </summary>
|
|
|
1ec3d1a |
## </param>
|
|
|
1ec3d1a |
#
|
|
|
1ec3d1a |
interface(`passenger_manage_pid_content',`
|
|
|
1ec3d1a |
gen_require(`
|
|
|
1ec3d1a |
type passenger_var_run_t;
|
|
|
1ec3d1a |
')
|
|
|
1ec3d1a |
|
|
|
1ec3d1a |
files_search_pids($1)
|
|
|
1ec3d1a |
manage_dirs_pattern($1, passenger_var_run_t, passenger_var_run_t)
|
|
|
1ec3d1a |
manage_files_pattern($1, passenger_var_run_t, passenger_var_run_t)
|
|
|
1ec3d1a |
manage_fifo_files_pattern($1, passenger_var_run_t, passenger_var_run_t)
|
|
|
1ec3d1a |
manage_sock_files_pattern($1, passenger_var_run_t, passenger_var_run_t)
|
|
|
1ec3d1a |
')
|
|
|
10a7474 |
|
|
|
10a7474 |
########################################
|
|
|
10a7474 |
## <summary>
|
|
|
10a7474 |
## Connect to passenger unix stream socket.
|
|
|
10a7474 |
## </summary>
|
|
|
10a7474 |
## <param name="domain">
|
|
|
10a7474 |
## <summary>
|
|
|
10a7474 |
## Domain allowed access.
|
|
|
10a7474 |
## </summary>
|
|
|
10a7474 |
## </param>
|
|
|
10a7474 |
#
|
|
|
10a7474 |
interface(`passenger_stream_connect',`
|
|
|
10a7474 |
gen_require(`
|
|
|
10a7474 |
type passenger_t;
|
|
|
10a7474 |
')
|
|
|
10a7474 |
|
|
|
10a7474 |
allow $1 passenger_t:unix_stream_socket connectto;
|
|
|
10a7474 |
')
|
|
|
e9032b5 |
|
|
|
e9032b5 |
#######################################
|
|
|
e9032b5 |
## <summary>
|
|
|
e9032b5 |
## Allow to manage passenger tmp files/dirs.
|
|
|
e9032b5 |
## </summary>
|
|
|
e9032b5 |
## <param name="domain">
|
|
|
e9032b5 |
## <summary>
|
|
|
e9032b5 |
## Domain allowed access.
|
|
|
e9032b5 |
## </summary>
|
|
|
e9032b5 |
## </param>
|
|
|
e9032b5 |
#
|
|
|
e9032b5 |
interface(`passenger_manage_tmp_files',`
|
|
|
e9032b5 |
gen_require(`
|
|
|
e9032b5 |
type passenger_tmp_t;
|
|
|
e9032b5 |
')
|
|
|
e9032b5 |
|
|
|
e9032b5 |
files_search_tmp($1)
|
|
|
e9032b5 |
manage_files_pattern($1, passenger_tmp_t, passenger_tmp_t)
|
|
|
e9032b5 |
manage_dirs_pattern($1, passenger_tmp_t, passenger_tmp_t)
|
|
|
e9032b5 |
')
|