diff options
Diffstat (limited to 'contrib/usr.sbin.nghttpx')
| -rw-r--r-- | contrib/usr.sbin.nghttpx | 16 |
1 files changed, 16 insertions, 0 deletions
diff --git a/contrib/usr.sbin.nghttpx b/contrib/usr.sbin.nghttpx new file mode 100644 index 0000000..891ff52 --- /dev/null +++ b/contrib/usr.sbin.nghttpx @@ -0,0 +1,16 @@ +#include <tunables/global> + +/usr/sbin/nghttpx { + #include <abstractions/base> + #include <abstractions/nameservice> + #include <abstractions/openssl> + + capability setgid, + capability setuid, + + /usr/sbin/nghttpx rmix, # allow to run itself + /etc/nghttpx/nghttpx.conf r, # allow to read the config file + /etc/ssl/** r, # give access to ssl keys + + /{,var/}run/nghttpx.pid lw, # allow to store a pid file +} |