Diffstat (limited to 'qpid/cpp/etc')
| -rw-r--r-- | qpid/cpp/etc/CMakeLists.txt | 20 | ||||
| -rw-r--r-- | qpid/cpp/etc/Makefile.am | 59 | ||||
| -rw-r--r-- | qpid/cpp/etc/emacs/qpid-c++-mode.el | 226 | ||||
| -rw-r--r-- | qpid/cpp/etc/qpidc.conf | 23 | ||||
| -rwxr-xr-x | qpid/cpp/etc/qpidd | 118 | ||||
| -rw-r--r-- | qpid/cpp/etc/qpidd.conf | 24 | ||||
| -rw-r--r-- | qpid/cpp/etc/sasl2/qpidd.conf | 45 | ||||
| -rw-r--r-- | qpid/cpp/etc/selinux/.gitignore | 26 | ||||
| -rw-r--r-- | qpid/cpp/etc/selinux/Makefile | 34 | ||||
| -rw-r--r-- | qpid/cpp/etc/selinux/qpidd.te | 49 | ||||
| -rw-r--r-- | qpid/cpp/etc/selinux/qpiddevel.te | 54 |
11 files changed, 678 insertions, 0 deletions
diff --git a/qpid/cpp/etc/CMakeLists.txt b/qpid/cpp/etc/CMakeLists.txt
new file mode 100644
index 0000000000..03121b364a
--- /dev/null
+++ b/qpid/cpp/etc/CMakeLists.txt
@@ -0,0 +1,20 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+install(FILES qpidd.conf qpidc.conf DESTINATION ${QPID_INSTALL_CONFDIR})
diff --git a/qpid/cpp/etc/Makefile.am b/qpid/cpp/etc/Makefile.am
new file mode 100644
index 0000000000..c91dbcbbad
--- /dev/null
+++ b/qpid/cpp/etc/Makefile.am
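Review bot: The `install(FILES qpidd.conf qpidc.conf DESTINATION ${QPID_INSTALL_CONFDIR})` line puts both files in one directory, while the Makefile.am added in this same commit installs `qpidd.conf` under `$(sysconfdir)` and `qpidc.conf` under `$(sysconfdir)/qpid`. The two build systems may therefore leave the broker configuration in different places, and a broker that does not find its file would run on built-in defaults. `QPID_INSTALL_CONFDIR` is defined outside this hunk, so I cannot tell which layout it matches; a comment naming the intended directory would settle it. Quoting the expansion, `DESTINATION "${QPID_INSTALL_CONFDIR}"`, also keeps an empty or space-containing value from changing the argument list.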
@@ -0,0 +1,59 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+SASL_CONF = sasl2/qpidd.conf
+
+EXTRA_DIST = \
+ $(SASL_CONF) \
+ qpidd qpidd.conf qpidc.conf CMakeLists.txt
+
+confdir=$(sysconfdir)/qpid
+nobase_conf_DATA=\
+ qpidc.conf
+
+nobase_sysconf_DATA = \
+ qpidd.conf
+
+if HAVE_SASL
+SASL_DB = qpidd.sasldb
+
+nobase_sysconf_DATA += \
+ $(SASL_CONF)
+
+sasldbdir = $(localstatedir)/lib/qpidd
+sasldb_DATA = $(SASL_DB)
+
+# Setup the default sasldb file with a single user, guest, with an
+# obvious password. This user and password are the default for many
+# clients.
+#
+# The realm specified by -u is very important, and QPID is the default
+# for the broker so we use it here. The realm is important because it
+# defaults to the local hostname of the machine running the
+# broker. This may not seem to bad at first glance, but it means that
+# the sasldb has to be tailored to each machine that would be running
+# a broker, and if the machine ever changed its name the
+# authentication would stop working until the sasldb was updated. For
+# these reasons we always want the broker to specify a realm where its
+# users live, and we want the users to exist in that realm as well.
+$(SASL_DB):
+ echo guest | $(SASL_PASSWD) -c -p -f $(SASL_DB) -u QPID guest
+
+CLEANFILES=$(SASL_DB)
+
+endif
diff --git a/qpid/cpp/etc/emacs/qpid-c++-mode.el b/qpid/cpp/etc/emacs/qpid-c++-mode.el
new file mode 100644
index 0000000000..ed1b4aa44b
--- /dev/null
+++ b/qpid/cpp/etc/emacs/qpid-c++-mode.el
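Review bot: The `$(SASL_DB)` rule creates a credential database holding user `guest` with password `guest`, and `sasldb_DATA` installs it into `$(localstatedir)/lib/qpidd` on every HAVE_SASL build, so each installed broker starts with a well-known account. The comment above the rule explains the realm at length but not that this account must be removed or changed before the broker is reachable from untrusted hosts; a line such as `# SECURITY: guest/guest is a well-known default; delete or change it before deployment.` would say so. The file is also installed through the generic `_DATA` rule, which normally yields a world-readable file, whereas sasl2/qpidd.conf in this commit says the sasldb should be readable only by the daemon user. An `install-data-hook` that restricts its mode and owner would make the install match that statement.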
@@ -0,0 +1,226 @@ +;;; qpid-c++-mode.el --- Qpid specific c++-mode customizations. + +;; +;; Licensed to the Apache Software Foundation (ASF) under one or more +;; contributor license agreements. See the NOTICE file distributed +;; with this work for additional information regarding copyright +;; ownership. The ASF licenses this file to you under the Apache +;; License, Version 2.0 (the * "License") ; you may not use this file +;; except in compliance with the License. You may obtain a copy of +;; the License at +;; +;; http://www.apache.org/licenses/LICENSE-2.0 +;; +;; Unless required by applicable law or agreed to in writing, software +;; distributed under the License is distributed on an "AS IS" BASIS, +;; WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or +;; implied. See the License for the specific language governing +;; permissions and limitations under the License. +;; + +;;;===================================================================== +;;; Commentary: +;; +;; C++ customizations to make c++ mode follow the Qpid style guidelines, +;; along with some other handy functions to generate initial starting point +;; .h and .cpp files etc. +;; +;; I have this in my .emacs: +;; (add-to-list 'auto-mode-alist '("\\.h$" . c++-mode)) +;; (require 'qpid-c++-mode) +;; +;; Written by Alan Conway: aconway@redhat.com +;; +;; For latest version, check +;; http://svn.apache.org/repos/asf/qpid/trunk/qpid/cpp/etc/emacs/qpid-c++-mode.el +;; + +(require 'cc-mode) + +;; Increment the version number if you change this file. +(defconst qpid-c++-version "1.00" "Qpid C++ style support version number.") + +(defun qpid-c++-version () + "Echo the current version of qpid-c++-mode in the minibuffer." + (interactive) + (message "Using qpid-c++-mode version %s" qpid-c++-version)) + +(defun qpid-c++-mode () + "Qpid C++ mode customizations" + (c-add-style "qpid-c++" + '("gnu" + (indent-tabs-mode . nil) + (c-basic-offset . 4) + (c-offsets-alist . + ((statement-case-intro . 
*) + (statement-case-open . *) + (substatement-open . 0) + (case-label . *) + (access-label . /) + (friend . /) + (arglist-intro . +) + (arglist-cont . 0) + (arglist-close . 0) + (inline-open . 0) + (brace-list-open . 0) + (innamespace . 0) + ))) ) + (c-set-style "qpid-c++") + (setq c-hungry-delete-key t) + (setq c-tab-always-indent t) + (setq c-hanging-braces-alist '((substatement-open . (after)) + (extern-lang-open . (after)) + (defun-open . (after)) + (class-open . (after)) + (block-open . (after)) + + (inline-open . (after)) + (defun-block-intro . (after)) + (inclass . (after)) + (topmost-intro . (after)) + + (brace-list-open) + (brace-list-close) + (namespace-open) + )) + (setq c-hanging-colons-alist '((member-init-intro) + (inher-intro) + (case-label) + (label) + (access-label))) + (setq mode-name "Qpid C++")) + + +(defun copyright () + (interactive) + (insert "/* + * + * Licensed to the Apache Software Foundation (ASF) under one + * or more contributor license agreements. See the NOTICE file + * distributed with this work for additional information + * regarding copyright ownership. The ASF licenses this file + * to you under the Apache License, Version 2.0 (the + * \"License\"); you may not use this file except in compliance + * with the License. You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, + * software distributed under the License is distributed on an + * \"AS IS\" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + * KIND, either express or implied. See the License for the + * specific language governing permissions and limitations + * under the License. 
+ * + */")) + +(defun indent-buffer () + (interactive) + (indent-region (point-min) (point-max) nil)) + +(defun path-to-namespace (path) + (replace-regexp-in-string "/" "::" (replace-regexp-in-string "/$" "" path))) + +(defun src-subpath (path) + (if (string-match "/src/\\(.*\\)$" path) (match-string 1 path) "")) + +(defun namespace-for-file (file) + (path-to-namespace (src-subpath (file-name-directory file)))) + +(defun cpp-guard-for-file (file) + (upcase (replace-regexp-in-string "[/.-]" "_" (src-subpath file)))) + +(defun ask-for-namespace () + (read-from-minibuffer "Namespace: " (namespace-for-file (buffer-file-name)))) + +;;; Generate starting point code for new files + +(defun insert-ns-open (namespaces) + (mapcar (lambda (ns) (insert "namespace " ns " {\n")) namespaces)) + +(defun insert-ns-close (namespaces) + (mapcar (lambda (ns) (insert "}")) namespaces) + (insert " // namespace " (mapconcat 'identity namespaces "::") "\n")) + +(defun ns-around-region (namespace) + (interactive (list (ask-for-namespace))) + (save-excursion + (let ((namespaces (split-string namespace "::"))) + (if (< (mark) (point)) (exchange-point-and-mark)) + (insert "\n") + (insert-ns-open namespaces) + (goto-char (mark)) + (insert "\n") + (insert-ns-close namespaces)))) + +(defun insert-class.h (class namespaces) + "Insert class skeleton in .h file" + (insert-ns-open namespaces) + (insert "\n" + "/**\n *\n */\n" + " class " class "\n" + " {\n public:\nprivate:\n};\n" + ) + (insert-ns-close namespaces)) + +(defun insert-platform.h (class namespaces) + "Insert platform #include for platform class." + (insert "#include <qpid/sys/platform.h>\n" + "#include QPID_PLATFORM_H(" class ".h)\n")) + +(defun .h (namespace &optional content) + "Initialize a .h file with Qpid copyright etc." 
+ (interactive (list (ask-for-namespace))) + (copyright) + (let ((content (or content 'insert-class.h)) + (class (file-name-nondirectory + (file-name-sans-extension(buffer-file-name)))) + (namespaces (split-string namespace "::"))) + + (insert "\n") + (apply content class namespaces nil) + (insert "\n")) + (previous-line 1) + (beginning-of-line) + (indent-buffer) + (save-excursion (cpp-guard))) + +(defun .cpp (namespace) + "Initialize an empty .cpp file with Qpid copyright etc." + (interactive (list (ask-for-namespace))) + (copyright) + (insert "\n#include \"" (file-name-sans-extension + (file-name-nondirectory buffer-file-name)) + ".h\"\n\n") + (let ((namespaces (split-string namespace "::"))) + (insert-ns-open namespaces) + (insert-ns-close namespaces)) + (indent-buffer)) + +(defun cpp-guard () + "Insert C preprocessor macro guard to prevent file rescanning. +The guard macro is defined from the name of the immediate containing +directory and the name of the file." + (interactive) + (let ((name (cpp-guard-for-file (buffer-file-name)))) + (goto-char (point-min)) + (save-excursion + (if (looking-at "#ifndef .*\n#define .*\n\n") + (let ((ifndef (match-data 0))) + (goto-char (point-max)) + (previous-line 1) + (beginning-of-line) + (if (looking-at "#endif") + (progn + (kill-line 1) + (kill-region (car ifndef) (cadr ifndef))))))) + (insert "#ifndef " name "\n#define " name "\n\n") + (goto-char (point-max)) + (beginning-of-line) + (insert (format "#endif /*!%s*/\n" name)))) + +(add-hook 'c++-mode-hook 'qpid-c++-mode) + +(provide 'qpid-c++-mode) + + diff --git a/qpid/cpp/etc/qpidc.conf b/qpid/cpp/etc/qpidc.conf new file mode 100644 index 0000000000..588999c074 --- /dev/null +++ b/qpid/cpp/etc/qpidc.conf 
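Review bot: Most commands and helpers in this file use unprefixed global names (`copyright`, `indent-buffer`, `.h`, `.cpp`, `cpp-guard`, `path-to-namespace`, `src-subpath`), and Emacs Lisp has a single function namespace. `copyright` in particular appears to collide with the command of that name from the copyright.el library bundled with Emacs. A `qpid-` prefix, as already used for `qpid-c++-mode` and `qpid-c++-version`, would avoid redefining anything. `insert-ns-open` and `insert-ns-close` call `mapcar` only for side effects, where `mapc` or `dolist` is the usual form. `previous-line` in `.h` and `cpp-guard` is meant for interactive use, with `(forward-line -1)` as the programmatic equivalent. `copyright`, `indent-buffer` and the path helpers also have no docstrings.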
@@ -0,0 +1,23 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# Configuration file for the qpid c++ client library. Entries are of
+# the form:
+# name=value
+#
+# (Note: no spaces on either side of '=')
diff --git a/qpid/cpp/etc/qpidd b/qpid/cpp/etc/qpidd
new file mode 100755
index 0000000000..07cbb825d5
--- /dev/null
+++ b/qpid/cpp/etc/qpidd
@@ -0,0 +1,118 @@ +#!/bin/bash +# +# Licensed to the Apache Software Foundation (ASF) under one +# or more contributor license agreements. See the NOTICE file +# distributed with this work for additional information +# regarding copyright ownership. The ASF licenses this file +# to you under the Apache License, Version 2.0 (the +# "License"); you may not use this file except in compliance +# with the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, +# software distributed under the License is distributed on an +# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY +# KIND, either express or implied. See the License for the +# specific language governing permissions and limitations +# under the License. +# +# +# qpidd Startup script for the Qpid messaging daemon. +# + +### BEGIN INIT INFO +# Provides: qpidd +# Required-Start: $local_fs +# Required-Stop: $local_fs +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: start or stop qpidd +# Description: Qpidd is an AMQP broker. It receives, stores, routes and forwards messages using the AMQP protcol. +### END INIT INFO + +# chkconfig: - 85 15 +# description: Qpidd is an AMQP broker. It receives, stores, routes and forwards messages using the AMQP protcol. +# processname: qpidd + +prog=qpidd +lockfile=/var/lock/subsys/$prog +pidfile=/var/run/qpidd.pid + +# Source function library. +. /etc/rc.d/init.d/functions + +if [ -f /etc/sysconfig/$prog ] ; then + . 
/etc/sysconfig/$prog +fi + +RETVAL=0 + +#ensure binary is present and executable +if [[ !(-x /usr/sbin/$prog) ]] ; then + echo "/usr/sbin/$prog not found or not executable" + exit 5 +fi + +#ensure user has sufficient permissions +runuser -s /bin/sh qpidd -c "echo x > /dev/null" 2> /dev/null || RETVAL=4 +if [ $RETVAL = 4 ]; then + echo "user had insufficient privilege"; + exit $RETVAL +fi + +start() { + [[ $QPID_DATA_DIR ]] || QPID_DATA_DIR=/var/lib/qpidd + echo -n $"Starting Qpid AMQP daemon: " + daemon --pidfile $pidfile --check $prog --user qpidd /usr/sbin/$prog --data-dir $QPID_DATA_DIR --daemon $QPIDD_OPTIONS + RETVAL=$? + echo + [ $RETVAL = 0 ] && touch $lockfile + if [ $RETVAL = 0 ]; then + touch $pidfile + chown qpidd.qpidd $pidfile + [ -x /sbin/restorecon ] && /sbin/restorecon $pidfile + runuser - -s /bin/sh qpidd -c "/usr/sbin/$prog --check > $pidfile" + fi + return $RETVAL +} + +stop() { + echo -n $"Stopping Qpid AMQP daemon: " + killproc -p ${pidfile} $prog + RETVAL=$? + echo + [ $RETVAL = 0 ] && rm -f ${lockfile} ${pidfile} +} + +reload() { + echo 1>&2 $"$0: reload not supported" + exit 3 +} + +restart() { + stop + start +} + +# See how we were called. +case "$1" in + start|stop|restart|reload) + $1 + ;; + status) + status $prog + RETVAL=$? + ;; + force-reload) + restart + ;; + try-restart|condrestart) + [ -e $lockfile ] && restart || : + ;; + *) + echo 1>&2 $"Usage: $0 {start|stop|status|restart|condrestart|try-restart|force-reload}" + exit 2 +esac + +exit $RETVAL diff --git a/qpid/cpp/etc/qpidd.conf b/qpid/cpp/etc/qpidd.conf new file mode 100644 index 0000000000..8082660f6f --- /dev/null +++ b/qpid/cpp/etc/qpidd.conf 
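Review bot: In `start()`, `chown qpidd.qpidd $pidfile` hands `/var/run/qpidd.pid` to the unprivileged service account, and `stop()` later runs `killproc -p ${pidfile} $prog` as root, so the PID that root signals is read from a file the qpidd user can rewrite. Whether `killproc` cross-checks the process name depends on the distribution's functions library, which is outside this page. Keeping the pidfile root-owned removes that dependency: drop the `touch`/`chown` pair and let the root shell do the redirection, `runuser - -s /bin/sh qpidd -c "/usr/sbin/$prog --check" > "$pidfile"`. `$QPID_DATA_DIR`, `$pidfile` and `$lockfile` are expanded unquoted throughout, and `/etc/sysconfig/$prog` is sourced as root, so a short comment stating that the file must be root-owned and not group- or world-writable would help packagers.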
@@ -0,0 +1,24 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# Configuration file for qpidd. Entries are of the form:
+# name=value
+#
+# (Note: no spaces on either side of '='). Using default settings:
+# "qpidd --help" or "man qpidd" for more details.
+cluster-mechanism=ANONYMOUS
diff --git a/qpid/cpp/etc/sasl2/qpidd.conf b/qpid/cpp/etc/sasl2/qpidd.conf
new file mode 100644
index 0000000000..3197d7792a
--- /dev/null
+++ b/qpid/cpp/etc/sasl2/qpidd.conf
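Review bot: The only active setting, `cluster-mechanism=ANONYMOUS`, ships without a comment, and the header line just above it says the file is "Using default settings", which a reader will take to mean nothing is overridden. The option's semantics are defined outside this page, but the name suggests it selects the SASL mechanism used between cluster members; if so, this default leaves those connections unauthenticated. A comment directly above it, for example `# ANONYMOUS: cluster peers are not authenticated; pick an authenticated mechanism on untrusted networks.`, would make the trade-off visible to whoever edits the installed file.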
@@ -0,0 +1,45 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+#
+# This configuation allows for either SASL PLAIN or ANONYMOUS
+# authentication. The PLAIN authentication is done on a
+# username+password, which is stored in the sasldb_path
+# file. Usernames and passwords can be added to the file using the
+# command:
+#
+# saslpasswd2 -f /var/lib/qpidd/qpidd.sasldb -u <REALM> <USER>
+#
+# The REALM is important and should be the same as the --auth-realm
+# option to the broker. This lets the broker properly find the user in
+# the sasldb file.
+#
+# Existing user accounts may be listed with:
+#
+# sasldblistusers2 -f /var/lib/qpidd/qpidd.sasldb
+#
+# NOTE: The sasldb file must be readable by the user running the qpidd
+# daemon, and should be readable only by that user.
+#
+pwcheck_method: auxprop
+auxprop_plugin: sasldb
+sasldb_path: /var/lib/qpidd/qpidd.sasldb
+
+#following line stops spurious 'sql_select option missing' errors when
+#cyrus-sql-sasl plugin is installed
+sql_select: dummy select
diff --git a/qpid/cpp/etc/selinux/.gitignore b/qpid/cpp/etc/selinux/.gitignore
new file mode 100644
index 0000000000..aca772170b
--- /dev/null
+++ b/qpid/cpp/etc/selinux/.gitignore
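Review bot: The header says this configuration allows PLAIN or ANONYMOUS, but no setting in the file restricts the mechanisms: there is no `mech_list:` line, so the set actually offered presumably depends on which Cyrus SASL plugins are installed on the host. An explicit `mech_list: ANONYMOUS PLAIN`, or a stricter list, would make the file enforce what its comment describes. The comment should also say that PLAIN sends the password unprotected unless the connection itself is encrypted, and that leaving ANONYMOUS enabled lets clients connect without any credential.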
@@ -0,0 +1,26 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+/qpidd.fc
+/qpidd.if
+/qpidd.pp
+/qpiddevel.fc
+/qpiddevel.if
+/qpiddevel.pp
+/tmp
diff --git a/qpid/cpp/etc/selinux/Makefile b/qpid/cpp/etc/selinux/Makefile
new file mode 100644
index 0000000000..1ab6337114
--- /dev/null
+++ b/qpid/cpp/etc/selinux/Makefile
@@ -0,0 +1,34 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+# Makefile to build and install the selinux policies in this directory.
+# Needs to be run as root.
+
+POLICIES = qpidd.pp qpiddevel.pp
+SOURCES = $(POLICIES:.pp=.te)
+
+all: $(POLICIES)
+
+$(POLICIES): $(SOURCES)
+ make -f /usr/share/selinux/devel/Makefile
+
+install: $(POLICIES)
+ for p in $(POLICIES); do /usr/sbin/semodule -i $$p; done
+
+clean:
+ rm -rf *~ *.pp *.fc *.if tmp
diff --git a/qpid/cpp/etc/selinux/qpidd.te b/qpid/cpp/etc/selinux/qpidd.te
new file mode 100644
index 0000000000..52b8e29509
--- /dev/null
+++ b/qpid/cpp/etc/selinux/qpidd.te
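Review bot: The `install` recipe loops with `for p in $(POLICIES); do /usr/sbin/semodule -i $$p; done`, which returns only the status of the last `semodule` call, so a failed load of `qpidd.pp` goes unnoticed when `qpiddevel.pp` loads; `/usr/sbin/semodule -i $$p || exit 1;` inside the loop fixes that. Because `POLICIES` lists both modules, `make install` also loads the developer policy on any host where it is run, including its grants to `unconfined_t`; a separate `install-devel` target would keep that off production systems. The build rule should call `$(MAKE) -f /usr/share/selinux/devel/Makefile` rather than a literal `make`. `all`, `install` and `clean` should be declared `.PHONY`.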
@@ -0,0 +1,49 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# selinux policy needed to run the qpidd service with clustering
+# enabled and selinux in enforcing mode.
+#
+# To build the qpid.pp module in this directory do:
+# sudo make -f /usr/share/selinux/devel/Makefile
+# To install the compiled qpidd.pp
+# sudo semodule -i qpidd.pp
+
+policy_module(qpidd, 1.2)
+
+gen_require(`
+ type initrc_t;
+ type ccs_t;
+ class sem { write unix_read unix_write associate read destroy };
+ class shm { unix_read write unix_write associate read destroy };
+')
+
+fs_rw_tmpfs_files(ccs_t)
+allow ccs_t initrc_t:sem { read write unix_read unix_write associate destroy };
+allow ccs_t initrc_t:shm { read write unix_read unix_write associate destroy };
+allow ccs_t self:capability { ipc_owner dac_override };
+
+optional_policy(`
+ gen_require(`
+ type aisexec_t;
+ ')
+ allow aisexec_t initrc_t:sem { read write unix_read unix_write associate destroy };
+ allow aisexec_t initrc_t:shm { read write unix_read unix_write associate destroy };
+ allow aisexec_t self:capability { sys_admin ipc_owner dac_override };
+')
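Review bot: The capability rules `allow ccs_t self:capability { ipc_owner dac_override };` and `allow aisexec_t self:capability { sys_admin ipc_owner dac_override };` widen what the cluster daemons may do everywhere on the host, not only when talking to qpidd, and the file records no reason for any of them. The sem/shm rules target `initrc_t`, which suggests qpidd itself runs in the generic init-script domain, so these grants would reach every service sharing that domain. Each rule should carry a comment naming the denial it answers, and the header should note that a dedicated qpidd domain would be the tighter design. The same applies to qpiddevel.te further down, where `ccs_t` and `aisexec_t` receive `sys_admin` plus access to `unconfined_t` objects. The build instructions in both headers say `qpid.pp`, while the modules are `qpidd.pp` and `qpiddevel.pp`.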
diff --git a/qpid/cpp/etc/selinux/qpiddevel.te b/qpid/cpp/etc/selinux/qpiddevel.te
new file mode 100644
index 0000000000..10c5dfc880
--- /dev/null
+++ b/qpid/cpp/etc/selinux/qpiddevel.te
@@ -0,0 +1,54 @@
+#
+# Licensed to the Apache Software Foundation (ASF) under one
+# or more contributor license agreements. See the NOTICE file
+# distributed with this work for additional information
+# regarding copyright ownership. The ASF licenses this file
+# to you under the Apache License, Version 2.0 (the
+# "License"); you may not use this file except in compliance
+# with the License. You may obtain a copy of the License at
+#
+# http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing,
+# software distributed under the License is distributed on an
+# "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+# KIND, either express or implied. See the License for the
+# specific language governing permissions and limitations
+# under the License.
+#
+
+# selinux policy for qpid developers.
+# If you have configured a qpid source tree with cluster support, you will need
+# this policy to run the make check tests with with selinux in enforcing mode.
+#
+# To build the qpid.pp module in this directory do:
+# sudo make -f /usr/share/selinux/devel/Makefile
+# To install the compiled qpiddevel.pp
+# sudo semodule -i qpiddevel.pp
+
+policy_module(qpiddevel, 1.1)
+
+gen_require(`
+ type unconfined_t;
+ type unconfined_execmem_t;
+ type ccs_t;
+ class capability sys_admin;
+ class sem { write unix_read unix_write associate read destroy };
+ class shm { unix_read write unix_write associate read destroy };
+')
+
+allow ccs_t self:capability sys_admin;
+allow ccs_t unconfined_t:sem { write unix_read unix_write associate read destroy };
+allow ccs_t unconfined_t:shm { unix_read write unix_write associate read destroy };
+
+optional_policy(`
+ gen_require(`
+ type aisexec_t;
+ ')
+ allow aisexec_t self:capability sys_admin;
+ allow aisexec_t unconfined_t:sem { read write unix_read unix_write associate destroy };
+ allow aisexec_t unconfined_t:shm { read write unix_read unix_write associate destroy };
+ allow aisexec_t unconfined_execmem_t:sem { write unix_read unix_write associate read destroy };
+ allow aisexec_t unconfined_execmem_t:shm { write unix_read unix_write associate read destroy };
+
+') |
