From ce01e194202faac725c8608f0719bdc69ca8e97c Mon Sep 17 00:00:00 2001
From: Ralf Ertzinger <ralf@skytale.net>
Date: Sat, 12 Jun 2021 14:39:27 +0000
Subject: [PATCH] Add sslh policy

---
 sslh/sslh.fc | 0
 sslh/sslh.if | 1 +
 sslh/sslh.te | 8 ++++++++
 3 files changed, 9 insertions(+)
 create mode 100644 sslh/sslh.fc
 create mode 120000 sslh/sslh.if
 create mode 100644 sslh/sslh.te

diff --git a/sslh/sslh.fc b/sslh/sslh.fc
new file mode 100644
index 0000000..e69de29
diff --git a/sslh/sslh.if b/sslh/sslh.if
new file mode 120000
index 0000000..196caaa
--- /dev/null
+++ b/sslh/sslh.if
@@ -0,0 +1 @@
+../include/_sky_.if
\ No newline at end of file
diff --git a/sslh/sslh.te b/sslh/sslh.te
new file mode 100644
index 0000000..bfc8263
--- /dev/null
+++ b/sslh/sslh.te
@@ -0,0 +1,8 @@
+policy_module(sslh, 0.1.3)
+
+require {
+    type sslh_t;
+}
+
+# SSLH needs net_admin
+allow sslh_t self:capability net_admin;
-- 
1.8.3.1