gitosis patch from Dan Walsh

policy/modules/apps/gitosis.fc

@@ -1,3 +1,5 @@
 /usr/bin/gitosis-serve			--	gen_context(system_u:object_r:gitosis_exec_t,s0)
+/usr/bin/gl-auth-command		--	gen_context(system_u:object_r:gitosis_exec_t,s0)
 
 /var/lib/gitosis(/.*)?				gen_context(system_u:object_r:gitosis_var_lib_t,s0)
+/var/lib/gitolite(/.*)?				gen_context(system_u:object_r:gitosis_var_lib_t,s0)

policy/modules/apps/gitosis.if

@@ -62,7 +62,7 @@ interface(`gitosis_read_lib_files',`
 	files_search_var_lib($1)
 	read_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
 	read_lnk_files_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
-	list_dirs_pattern(%1, gitosis_var_lib_t, gitosis_var_lib_t)
+	list_dirs_pattern($1, gitosis_var_lib_t, gitosis_var_lib_t)
 ')
 
 ######################################

policy/modules/apps/gitosis.te

@@ -25,12 +25,17 @@ manage_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
 manage_lnk_files_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
 manage_dirs_pattern(gitosis_t, gitosis_var_lib_t, gitosis_var_lib_t)
 
-corecmd_exec_bin(gitosis_t) 
-corecmd_exec_shell(gitosis_t)
-
 kernel_read_system_state(gitosis_t)
 
+corecmd_exec_bin(gitosis_t)
+corecmd_exec_shell(gitosis_t)
+
+dev_read_urand(gitosis_t)
+
+files_read_etc_files(gitosis_t)
 files_read_usr_files(gitosis_t)
 files_search_var_lib(gitosis_t)
 
 miscfiles_read_localization(gitosis_t)
+
+sysnet_read_config(gitosis_t)