Differential D11035

SELinux policies for phabricator, arcanist and libphutil
AbandonedPublic
Actions

Authored by vinzent on Dec 23 2014, 9:39 AM.

Details

Reviewers

None

Group Reviewers

Blessed Reviewers

Summary

policy source files to run phabricator with selinux enabled.

Some sites have stric selinux enforcing policies for their servers and therefore require a selinux policy to run phabricator.

Test Plan

in use on a RHEL6 system

Diff Detail

Repository

rP Phabricator

Branch

selinux

Lint

Lint Errors

Severity	Location	Code	Message
Error	resources/selinux/arcanist.fc:1	TXT2	Tab Literal
Error	resources/selinux/arcanist.if:3	TXT2	Tab Literal
Error	resources/selinux/libphutil.fc:1	TXT2	Tab Literal
Error	resources/selinux/libphutil.if:3	TXT2	Tab Literal
Error	resources/selinux/phabricator.fc:1	TXT2	Tab Literal
Error	resources/selinux/phabricator.if:3	TXT2	Tab Literal
Warning	resources/selinux/README:26	TXT3	Line Too Long
Warning	resources/selinux/arcanist.fc:2	TXT3	Line Too Long
Warning	resources/selinux/phabricator.fc:1	TXT3	Line Too Long
Warning	resources/selinux/phabricator.fc:2	TXT3	Line Too Long
Warning	resources/selinux/phabricator.fc:3	TXT3	Line Too Long
Warning	resources/selinux/phabricator.fc:4	TXT3	Line Too Long
Warning	resources/selinux/phabricator.fc:5	TXT3	Line Too Long
Warning	resources/selinux/phabricator.fc:6	TXT3	Line Too Long
Auto-Fix	resources/selinux/arcanist.if:35	TXT9	Trailing Whitespace at EOF
Auto-Fix	resources/selinux/libphutil.if:17	TXT9	Trailing Whitespace at EOF
Auto-Fix	resources/selinux/libphutil.te:7	TXT9	Trailing Whitespace at EOF
Auto-Fix	resources/selinux/phabricator.if:35	TXT9	Trailing Whitespace at EOF
Auto-Fix	resources/selinux/phabricator.te:36	TXT6	Trailing Whitespace
Auto-Fix	resources/selinux/phabricator.te:37	TXT6	Trailing Whitespace
Auto-Fix	resources/selinux/phabricator.te:38	TXT6	Trailing Whitespace
Auto-Fix	resources/selinux/phabricator.te:39	TXT6	Trailing Whitespace
Auto-Fix	resources/selinux/phabricator.te:54	TXT6	Trailing Whitespace
Auto-Fix	resources/selinux/phabricator.te:63	TXT9	Trailing Whitespace at EOF

Unit

No Test Coverage

Build Status

Buildable 3319
Build 3326: [Placeholder Plan] Wait for 30 Seconds

Event Timeline

vinzent updated this revision to Diff 26496.Dec 23 2014, 9:39 AM

vinzent retitled this revision from to SELinux policies for phabricator, arcanist and libphutil.

vinzent updated this object.

vinzent edited the test plan for this revision. (Show Details)

Herald added a reviewer: Blessed Reviewers. · View Herald TranscriptDec 23 2014, 9:39 AM

Herald added a subscriber: epriestley. · View Herald Transcript

We aren't interested in including these in the upstream: we aren't experienced with SELinux, don't test on it, and don't want to maintain them (and they're very likely to change over time).

You could publish these somewhere and add them to the community resources page: https://secure.phabricator.com/w/community_resources/

added to my github fork https://github.com/vinzent/phabricator/tree/master/resources/selinux and linked on https://secure.phabricator.com/w/community_resources/