SELinux with Subgit


Do you have any advice or policies that can be imported into selinux for subgit mirroring?
I am trying to have subgit mirror local svn repository with SELinux enforcing. I could not find anything in the documentation which seemed obvious.
If you find helpful I can provide a sample of audit.log


SELinux permissive or disable is not an option.

Hello Dom,

indeed, we don’t have any documentation on that matter, mostly because we hadn’t been facing with any issues using SubGit in SELinux environment and had a few requests about that.
The only place where SELinux may affect SubGit operations is SubGit hooks: SubGit uses hooks to intercept pushes and translate incoming commits to SVN. During their work, hooks try to find out if the daemon is up and running: they try to get the daemon pid and connect to the daemon and that’s where SELinux probably can stop the operations. This can be resolved by creating a custom policy to allow hooks to get information about other processes attributes.
All the rest SubGit features should not introduce issues with SELinux.