SELinux targeted policy module which extends kernel mandatory access control policies to the git-daemon Server. The module has been compiled and tested on Red Hat Enterprise Linux 5 and CentOS 5.
Quick Links
Features
Provides an additional layer of protection around the standalone git-daemon process.
Dependencies
The following packages must be installed for policy compilation:
-
selinux-policy-targeted
-
selinux-policy-devel
To install the prerequisite packages, use RPM or YUM.
Example: sudo yum install selinux-policy-devel
Compilation and Installation
-
Unpack the archive (likely already completed if you are reading this)
-
Adjust file paths in git-daemon.fc to match the requirements of your system or distribution.
-
Run “make”
-
Install the resulting git-daemon.pp SELinux module (i.e. sudo /usr/sbin/semodule -i git-daemon.pp)
-
Reset file contexts (i.e. sudo /sbin/restorecon -FRrv <path where git executables are located> and sudo /sbin/restorecon -FRrv <path of git repository>)
-
Restart git-daemon