diff options
Diffstat (limited to 'cpp/etc')
| -rw-r--r-- | cpp/etc/CMakeLists.txt | 20 | ||||
| -rw-r--r-- | cpp/etc/Makefile.am | 59 | ||||
| -rw-r--r-- | cpp/etc/emacs/qpid-c++-mode.el | 226 | ||||
| -rw-r--r-- | cpp/etc/qpidc.conf | 23 | ||||
| -rwxr-xr-x | cpp/etc/qpidd | 118 | ||||
| -rw-r--r-- | cpp/etc/qpidd.conf | 24 | ||||
| -rw-r--r-- | cpp/etc/sasl2/qpidd.conf | 45 | ||||
| -rw-r--r-- | cpp/etc/selinux/.gitignore | 26 | ||||
| -rw-r--r-- | cpp/etc/selinux/Makefile | 34 | ||||
| -rw-r--r-- | cpp/etc/selinux/qpidd.te | 49 | ||||
| -rw-r--r-- | cpp/etc/selinux/qpiddevel.te | 54 |
11 files changed, 0 insertions, 678 deletions
diff --git a/cpp/etc/CMakeLists.txt b/cpp/etc/CMakeLists.txt deleted file mode 100644 index 03121b364a..0000000000 --- a/cpp/etc/CMakeLists.txt +++ /dev/null @@ -1,20 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -install(FILES qpidd.conf qpidc.conf DESTINATION ${QPID_INSTALL_CONFDIR}) diff --git a/cpp/etc/Makefile.am b/cpp/etc/Makefile.am deleted file mode 100644 index c91dbcbbad..0000000000 --- a/cpp/etc/Makefile.am +++ /dev/null @@ -1,59 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -SASL_CONF = sasl2/qpidd.conf - -EXTRA_DIST = \ - $(SASL_CONF) \ - qpidd qpidd.conf qpidc.conf CMakeLists.txt - -confdir=$(sysconfdir)/qpid -nobase_conf_DATA=\ - qpidc.conf - -nobase_sysconf_DATA = \ - qpidd.conf - -if HAVE_SASL -SASL_DB = qpidd.sasldb - -nobase_sysconf_DATA += \ - $(SASL_CONF) - -sasldbdir = $(localstatedir)/lib/qpidd -sasldb_DATA = $(SASL_DB) - -# Setup the default sasldb file with a single user, guest, with an -# obvious password. This user and password are the default for many -# clients. -# -# The realm specified by -u is very important, and QPID is the default -# for the broker so we use it here. The realm is important because it -# defaults to the local hostname of the machine running the -# broker. This may not seem to bad at first glance, but it means that -# the sasldb has to be tailored to each machine that would be running -# a broker, and if the machine ever changed its name the -# authentication would stop working until the sasldb was updated. For -# these reasons we always want the broker to specify a realm where its -# users live, and we want the users to exist in that realm as well. -$(SASL_DB): - echo guest | $(SASL_PASSWD) -c -p -f $(SASL_DB) -u QPID guest - -CLEANFILES=$(SASL_DB) - -endif diff --git a/cpp/etc/emacs/qpid-c++-mode.el b/cpp/etc/emacs/qpid-c++-mode.el deleted file mode 100644 index ed1b4aa44b..0000000000 --- a/cpp/etc/emacs/qpid-c++-mode.el +++ /dev/null @@ -1,226 +0,0 @@ -;;; qpid-c++-mode.el --- Qpid specific c++-mode customizations. - -;; -;; Licensed to the Apache Software Foundation (ASF) under one or more -;; contributor license agreements. See the NOTICE file distributed -;; with this work for additional information regarding copyright -;; ownership. The ASF licenses this file to you under the Apache -;; License, Version 2.0 (the * "License") ; you may not use this file -;; except in compliance with the License. You may obtain a copy of -;; the License at -;; -;; http://www.apache.org/licenses/LICENSE-2.0 -;; -;; Unless required by applicable law or agreed to in writing, software -;; distributed under the License is distributed on an "AS IS" BASIS, -;; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or -;; implied. See the License for the specific language governing -;; permissions and limitations under the License. -;; - -;;;===================================================================== -;;; Commentary: -;; -;; C++ customizations to make c++ mode follow the Qpid style guidelines, -;; along with some other handy functions to generate initial starting point -;; .h and .cpp files etc. -;; -;; I have this in my .emacs: -;; (add-to-list 'auto-mode-alist '("\\.h$" . c++-mode)) -;; (require 'qpid-c++-mode) -;; -;; Written by Alan Conway: aconway@redhat.com -;; -;; For latest version, check -;; http://svn.apache.org/repos/asf/qpid/trunk/qpid/cpp/etc/emacs/qpid-c++-mode.el -;; - -(require 'cc-mode) - -;; Increment the version number if you change this file. -(defconst qpid-c++-version "1.00" "Qpid C++ style support version number.") - -(defun qpid-c++-version () - "Echo the current version of qpid-c++-mode in the minibuffer." - (interactive) - (message "Using qpid-c++-mode version %s" qpid-c++-version)) - -(defun qpid-c++-mode () - "Qpid C++ mode customizations" - (c-add-style "qpid-c++" - '("gnu" - (indent-tabs-mode . nil) - (c-basic-offset . 4) - (c-offsets-alist . - ((statement-case-intro . *) - (statement-case-open . *) - (substatement-open . 0) - (case-label . *) - (access-label . /) - (friend . /) - (arglist-intro . +) - (arglist-cont . 0) - (arglist-close . 0) - (inline-open . 0) - (brace-list-open . 0) - (innamespace . 0) - ))) ) - (c-set-style "qpid-c++") - (setq c-hungry-delete-key t) - (setq c-tab-always-indent t) - (setq c-hanging-braces-alist '((substatement-open . (after)) - (extern-lang-open . (after)) - (defun-open . (after)) - (class-open . (after)) - (block-open . (after)) - - (inline-open . (after)) - (defun-block-intro . (after)) - (inclass . (after)) - (topmost-intro . (after)) - - (brace-list-open) - (brace-list-close) - (namespace-open) - )) - (setq c-hanging-colons-alist '((member-init-intro) - (inher-intro) - (case-label) - (label) - (access-label))) - (setq mode-name "Qpid C++")) - - -(defun copyright () - (interactive) - (insert "/* - * - * Licensed to the Apache Software Foundation (ASF) under one - * or more contributor license agreements. See the NOTICE file - * distributed with this work for additional information - * regarding copyright ownership. The ASF licenses this file - * to you under the Apache License, Version 2.0 (the - * \"License\"); you may not use this file except in compliance - * with the License. You may obtain a copy of the License at - * - * http://www.apache.org/licenses/LICENSE-2.0 - * - * Unless required by applicable law or agreed to in writing, - * software distributed under the License is distributed on an - * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY - * KIND, either express or implied. See the License for the - * specific language governing permissions and limitations - * under the License. - * - */")) - -(defun indent-buffer () - (interactive) - (indent-region (point-min) (point-max) nil)) - -(defun path-to-namespace (path) - (replace-regexp-in-string "/" "::" (replace-regexp-in-string "/$" "" path))) - -(defun src-subpath (path) - (if (string-match "/src/\\(.*\\)$" path) (match-string 1 path) "")) - -(defun namespace-for-file (file) - (path-to-namespace (src-subpath (file-name-directory file)))) - -(defun cpp-guard-for-file (file) - (upcase (replace-regexp-in-string "[/.-]" "_" (src-subpath file)))) - -(defun ask-for-namespace () - (read-from-minibuffer "Namespace: " (namespace-for-file (buffer-file-name)))) - -;;; Generate starting point code for new files - -(defun insert-ns-open (namespaces) - (mapcar (lambda (ns) (insert "namespace " ns " {\n")) namespaces)) - -(defun insert-ns-close (namespaces) - (mapcar (lambda (ns) (insert "}")) namespaces) - (insert " // namespace " (mapconcat 'identity namespaces "::") "\n")) - -(defun ns-around-region (namespace) - (interactive (list (ask-for-namespace))) - (save-excursion - (let ((namespaces (split-string namespace "::"))) - (if (< (mark) (point)) (exchange-point-and-mark)) - (insert "\n") - (insert-ns-open namespaces) - (goto-char (mark)) - (insert "\n") - (insert-ns-close namespaces)))) - -(defun insert-class.h (class namespaces) - "Insert class skeleton in .h file" - (insert-ns-open namespaces) - (insert "\n" - "/**\n *\n */\n" - " class " class "\n" - " {\n public:\nprivate:\n};\n" - ) - (insert-ns-close namespaces)) - -(defun insert-platform.h (class namespaces) - "Insert platform #include for platform class." - (insert "#include <qpid/sys/platform.h>\n" - "#include QPID_PLATFORM_H(" class ".h)\n")) - -(defun .h (namespace &optional content) - "Initialize a .h file with Qpid copyright etc." - (interactive (list (ask-for-namespace))) - (copyright) - (let ((content (or content 'insert-class.h)) - (class (file-name-nondirectory - (file-name-sans-extension(buffer-file-name)))) - (namespaces (split-string namespace "::"))) - - (insert "\n") - (apply content class namespaces nil) - (insert "\n")) - (previous-line 1) - (beginning-of-line) - (indent-buffer) - (save-excursion (cpp-guard))) - -(defun .cpp (namespace) - "Initialize an empty .cpp file with Qpid copyright etc." - (interactive (list (ask-for-namespace))) - (copyright) - (insert "\n#include \"" (file-name-sans-extension - (file-name-nondirectory buffer-file-name)) - ".h\"\n\n") - (let ((namespaces (split-string namespace "::"))) - (insert-ns-open namespaces) - (insert-ns-close namespaces)) - (indent-buffer)) - -(defun cpp-guard () - "Insert C preprocessor macro guard to prevent file rescanning. -The guard macro is defined from the name of the immediate containing -directory and the name of the file." - (interactive) - (let ((name (cpp-guard-for-file (buffer-file-name)))) - (goto-char (point-min)) - (save-excursion - (if (looking-at "#ifndef .*\n#define .*\n\n") - (let ((ifndef (match-data 0))) - (goto-char (point-max)) - (previous-line 1) - (beginning-of-line) - (if (looking-at "#endif") - (progn - (kill-line 1) - (kill-region (car ifndef) (cadr ifndef))))))) - (insert "#ifndef " name "\n#define " name "\n\n") - (goto-char (point-max)) - (beginning-of-line) - (insert (format "#endif /*!%s*/\n" name)))) - -(add-hook 'c++-mode-hook 'qpid-c++-mode) - -(provide 'qpid-c++-mode) - - diff --git a/cpp/etc/qpidc.conf b/cpp/etc/qpidc.conf deleted file mode 100644 index 588999c074..0000000000 --- a/cpp/etc/qpidc.conf +++ /dev/null @@ -1,23 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -# Configuration file for the qpid c++ client library. Entries are of -# the form: -# name=value -# -# (Note: no spaces on either side of '=') diff --git a/cpp/etc/qpidd b/cpp/etc/qpidd deleted file mode 100755 index 07cbb825d5..0000000000 --- a/cpp/etc/qpidd +++ /dev/null @@ -1,118 +0,0 @@ -#!/bin/bash -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -# -# qpidd Startup script for the Qpid messaging daemon. -# - -### BEGIN INIT INFO -# Provides: qpidd -# Required-Start: $local_fs -# Required-Stop: $local_fs -# Default-Start: 2 3 4 5 -# Default-Stop: 0 1 6 -# Short-Description: start or stop qpidd -# Description: Qpidd is an AMQP broker. It receives, stores, routes and forwards messages using the AMQP protcol. -### END INIT INFO - -# chkconfig: - 85 15 -# description: Qpidd is an AMQP broker. It receives, stores, routes and forwards messages using the AMQP protcol. -# processname: qpidd - -prog=qpidd -lockfile=/var/lock/subsys/$prog -pidfile=/var/run/qpidd.pid - -# Source function library. -. /etc/rc.d/init.d/functions - -if [ -f /etc/sysconfig/$prog ] ; then - . /etc/sysconfig/$prog -fi - -RETVAL=0 - -#ensure binary is present and executable -if [[ !(-x /usr/sbin/$prog) ]] ; then - echo "/usr/sbin/$prog not found or not executable" - exit 5 -fi - -#ensure user has sufficient permissions -runuser -s /bin/sh qpidd -c "echo x > /dev/null" 2> /dev/null || RETVAL=4 -if [ $RETVAL = 4 ]; then - echo "user had insufficient privilege"; - exit $RETVAL -fi - -start() { - [[ $QPID_DATA_DIR ]] || QPID_DATA_DIR=/var/lib/qpidd - echo -n $"Starting Qpid AMQP daemon: " - daemon --pidfile $pidfile --check $prog --user qpidd /usr/sbin/$prog --data-dir $QPID_DATA_DIR --daemon $QPIDD_OPTIONS - RETVAL=$? - echo - [ $RETVAL = 0 ] && touch $lockfile - if [ $RETVAL = 0 ]; then - touch $pidfile - chown qpidd.qpidd $pidfile - [ -x /sbin/restorecon ] && /sbin/restorecon $pidfile - runuser - -s /bin/sh qpidd -c "/usr/sbin/$prog --check > $pidfile" - fi - return $RETVAL -} - -stop() { - echo -n $"Stopping Qpid AMQP daemon: " - killproc -p ${pidfile} $prog - RETVAL=$? - echo - [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} -} - -reload() { - echo 1>&2 $"$0: reload not supported" - exit 3 -} - -restart() { - stop - start -} - -# See how we were called. -case "$1" in - start|stop|restart|reload) - $1 - ;; - status) - status $prog - RETVAL=$? - ;; - force-reload) - restart - ;; - try-restart|condrestart) - [ -e $lockfile ] && restart || : - ;; - *) - echo 1>&2 $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|force-reload}" - exit 2 -esac - -exit $RETVAL diff --git a/cpp/etc/qpidd.conf b/cpp/etc/qpidd.conf deleted file mode 100644 index 8082660f6f..0000000000 --- a/cpp/etc/qpidd.conf +++ /dev/null @@ -1,24 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -# Configuration file for qpidd. Entries are of the form: -# name=value -# -# (Note: no spaces on either side of '='). Using default settings: -# "qpidd --help" or "man qpidd" for more details. -cluster-mechanism=ANONYMOUS diff --git a/cpp/etc/sasl2/qpidd.conf b/cpp/etc/sasl2/qpidd.conf deleted file mode 100644 index 3197d7792a..0000000000 --- a/cpp/etc/sasl2/qpidd.conf +++ /dev/null @@ -1,45 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -# -# This configuation allows for either SASL PLAIN or ANONYMOUS -# authentication. The PLAIN authentication is done on a -# username+password, which is stored in the sasldb_path -# file. Usernames and passwords can be added to the file using the -# command: -# -# saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -u <REALM> <USER> -# -# The REALM is important and should be the same as the --auth-realm -# option to the broker. This lets the broker properly find the user in -# the sasldb file. -# -# Existing user accounts may be listed with: -# -# sasldblistusers2 -f /var/lib/qpidd/qpidd.sasldb -# -# NOTE: The sasldb file must be readable by the user running the qpidd -# daemon, and should be readable only by that user. -# -pwcheck_method: auxprop -auxprop_plugin: sasldb -sasldb_path: /var/lib/qpidd/qpidd.sasldb - -#following line stops spurious 'sql_select option missing' errors when -#cyrus-sql-sasl plugin is installed -sql_select: dummy select diff --git a/cpp/etc/selinux/.gitignore b/cpp/etc/selinux/.gitignore deleted file mode 100644 index aca772170b..0000000000 --- a/cpp/etc/selinux/.gitignore +++ /dev/null @@ -1,26 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -/qpidd.fc -/qpidd.if -/qpidd.pp -/qpiddevel.fc -/qpiddevel.if -/qpiddevel.pp -/tmp diff --git a/cpp/etc/selinux/Makefile b/cpp/etc/selinux/Makefile deleted file mode 100644 index 1ab6337114..0000000000 --- a/cpp/etc/selinux/Makefile +++ /dev/null @@ -1,34 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# -# Makefile to build and install the selinux policies in this directory. -# Needs to be run as root. - -POLICIES = qpidd.pp qpiddevel.pp -SOURCES = $(POLICIES:.pp=.te) - -all: $(POLICIES) - -$(POLICIES): $(SOURCES) - make -f /usr/share/selinux/devel/Makefile - -install: $(POLICIES) - for p in $(POLICIES); do /usr/sbin/semodule -i $$p; done - -clean: - rm -rf *~ *.pp *.fc *.if tmp diff --git a/cpp/etc/selinux/qpidd.te b/cpp/etc/selinux/qpidd.te deleted file mode 100644 index 52b8e29509..0000000000 --- a/cpp/etc/selinux/qpidd.te +++ /dev/null @@ -1,49 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -# selinux policy needed to run the qpidd service with clustering -# enabled and selinux in enforcing mode. -# -# To build the qpid.pp module in this directory do: -# sudo make -f /usr/share/selinux/devel/Makefile -# To install the compiled qpidd.pp -# sudo semodule -i qpidd.pp - -policy_module(qpidd, 1.2) - -gen_require(` - type initrc_t; - type ccs_t; - class sem { write unix_read unix_write associate read destroy }; - class shm { unix_read write unix_write associate read destroy }; -') - -fs_rw_tmpfs_files(ccs_t) -allow ccs_t initrc_t:sem { read write unix_read unix_write associate destroy }; -allow ccs_t initrc_t:shm { read write unix_read unix_write associate destroy }; -allow ccs_t self:capability { ipc_owner dac_override }; - -optional_policy(` - gen_require(` - type aisexec_t; - ') - allow aisexec_t initrc_t:sem { read write unix_read unix_write associate destroy }; - allow aisexec_t initrc_t:shm { read write unix_read unix_write associate destroy }; - allow aisexec_t self:capability { sys_admin ipc_owner dac_override }; -') diff --git a/cpp/etc/selinux/qpiddevel.te b/cpp/etc/selinux/qpiddevel.te deleted file mode 100644 index 10c5dfc880..0000000000 --- a/cpp/etc/selinux/qpiddevel.te +++ /dev/null @@ -1,54 +0,0 @@ -# -# Licensed to the Apache Software Foundation (ASF) under one -# or more contributor license agreements. See the NOTICE file -# distributed with this work for additional information -# regarding copyright ownership. The ASF licenses this file -# to you under the Apache License, Version 2.0 (the -# "License"); you may not use this file except in compliance -# with the License. You may obtain a copy of the License at -# -# http://www.apache.org/licenses/LICENSE-2.0 -# -# Unless required by applicable law or agreed to in writing, -# software distributed under the License is distributed on an -# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY -# KIND, either express or implied. See the License for the -# specific language governing permissions and limitations -# under the License. -# - -# selinux policy for qpid developers. -# If you have configured a qpid source tree with cluster support, you will need -# this policy to run the make check tests with with selinux in enforcing mode. -# -# To build the qpid.pp module in this directory do: -# sudo make -f /usr/share/selinux/devel/Makefile -# To install the compiled qpiddevel.pp -# sudo semodule -i qpiddevel.pp - -policy_module(qpiddevel, 1.1) - -gen_require(` - type unconfined_t; - type unconfined_execmem_t; - type ccs_t; - class capability sys_admin; - class sem { write unix_read unix_write associate read destroy }; - class shm { unix_read write unix_write associate read destroy }; -') - -allow ccs_t self:capability sys_admin; -allow ccs_t unconfined_t:sem { write unix_read unix_write associate read destroy }; -allow ccs_t unconfined_t:shm { unix_read write unix_write associate read destroy }; - -optional_policy(` - gen_require(` - type aisexec_t; - ') - allow aisexec_t self:capability sys_admin; - allow aisexec_t unconfined_t:sem { read write unix_read unix_write associate destroy }; - allow aisexec_t unconfined_t:shm { read write unix_read unix_write associate destroy }; - allow aisexec_t unconfined_execmem_t:sem { write unix_read unix_write associate read destroy }; - allow aisexec_t unconfined_execmem_t:shm { write unix_read unix_write associate read destroy }; - -') |