Louis DaPrato louis89
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| !/bin/bash | |
| # Call this script with the name of the source policy file. | |
| # The policy file is expected to have the extension .te | |
| if [ $1 ]; then | |
| m4 "$1.te" > "$1.m4.te" | |
| checkmodule -M -m "$1.m4.te" -o "$1.mod" | |
| semodule_package -o "$1.pp" -m "$1.mod" | |
| else |
louis89
/ mysql_home_selinux_fcontext
Created
May 15, 2015 02:02
Add SELinux fcontext for mysql root directory in /home
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| sudo semanage fcontext -t mysqld_db_t -s system_u -a "/home/mysql(/.*)?" |
louis89
/ set_jenkins_build_description.groovy
Created
March 15, 2015 19:17
A Groovy script to automatically set a Jenkins build's description to the title of the pull request that triggered the build. Works with GitHub and Bitbucket.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import groovy.json.JsonSlurper | |
| def build = Thread.currentThread().executable | |
| def workspace = new File(build.workspace.getRemote()) | |
| def repositoryMatcher = "git config --get remote.origin.url".execute(null, workspace).text =~ /.+?(bitbucket.org|github.com)(?::|\/)(.*?).git$/ | |
| def pullIdMatcher = "git log ${build.getEnvironment()["GIT_COMMIT"]} --merges --oneline -n 1".execute(null, workspace).text =~ /pull request #(\d+)/ | |
| if (!pullIdMatcher) { | |
| println "Could not find pull request for commit '${build.getEnvironment()["GIT_COMMIT"]}'." |
louis89
/ httpd_read_mysql_lnk_file.te
Last active
August 29, 2015 13:57
SELinux policy allowing Apache web server to read a symbolic link at MySQL's default main data directory location (Useful to keep default configurations after moving MySQL's main data directory)
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # @author Louis DaPrato <[email protected]> | |
| module httpd_read_mysql_lnk_file 1.0; | |
| require { | |
| type mysqld_db_t; | |
| type httpd_t; | |
| class lnk_file read; | |
| } |
louis89
/ mysql_home_root_t.te
Last active
August 29, 2015 13:57
SELinux policy to allow moving MySQL's main data directory to Linux users home directory
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # @author Louis DaPrato <[email protected]> | |
| module mysql_home_root_t 1.0; | |
| require { | |
| type mysqld_safe_t; | |
| type mysqld_t; | |
| type home_root_t; | |
| class dir { search open read getattr }; | |
| } |