blob: 891ff52cad9eb466ab2ff5cf8cd2b33b98356545 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
|
#include <tunables/global>
/usr/sbin/nghttpx {
#include <abstractions/base>
#include <abstractions/nameservice>
#include <abstractions/openssl>
capability setgid,
capability setuid,
/usr/sbin/nghttpx rmix, # allow to run itself
/etc/nghttpx/nghttpx.conf r, # allow to read the config file
/etc/ssl/** r, # give access to ssl keys
/{,var/}run/nghttpx.pid lw, # allow to store a pid file
}
|
