Use domtrans_pattern because it include permission the sigchld target domain and other required access to domain transition.

Signed-off-by: Dominick Grift <domg472@gmail.com>
This commit is contained in:
Dominick Grift 2010-09-16 08:51:01 +02:00
parent 2d102f8402
commit 5ebd1a52a5

View File

@ -31,8 +31,5 @@ interface(`ucspitcp_service_domain', `
role system_r types $1;
domain_auto_trans(ucspitcp_t, $2, $1)
allow $1 ucspitcp_t:fd use;
allow $1 ucspitcp_t:process sigchld;
allow $1 ucspitcp_t:tcp_socket rw_stream_socket_perms;
domtrans_pattern(ucspitcp_t, $2, $1)
')