Use stream connect pattern.

Use stream_connect_pattern.

Use stream_connect_pattern.

Use stream_connect_pattern.

Signed-off-by: Dominick Grift <domg472@gmail.com>

policy/modules/services/postgresql.if

@@ -312,10 +312,8 @@ interface(`postgresql_stream_connect',`
 	')
 
 	files_search_pids($1)
-	allow $1 postgresql_t:unix_stream_socket connectto;
-	allow $1 postgresql_var_run_t:sock_file write;
-	# Some versions of postgresql put the sock file in /tmp
-	allow $1 postgresql_tmp_t:sock_file write;
+	files_search_tmp($1)
+	stream_connect_pattern($1, { postgresql_var_run_t postgresql_tmp_t}, { postgresql_var_run_t postgresql_tmp_t}, postgresql_t)
 ')
 
 ########################################

policy/modules/services/resmgr.if

@@ -16,7 +16,6 @@ interface(`resmgr_stream_connect',`
 		type resmgrd_var_run_t, resmgrd_t;
 	')
 
-	allow $1 resmgrd_t:unix_stream_socket connectto;
-	allow $1 resmgrd_var_run_t:sock_file { getattr write };
 	files_search_pids($1)
+	stream_connect_pattern($1, resmgrd_var_run_t, resmgrd_var_run_t, resmgrd_t)
 ')

policy/modules/services/ricci.if

@@ -108,8 +108,7 @@ interface(`ricci_stream_connect_modclusterd',`
 	')
 
 	files_search_pids($1)
-	allow $1 ricci_modcluster_var_run_t:sock_file write;
-	allow $1 ricci_modclusterd_t:unix_stream_socket connectto;
+	stream_connect_pattern($1, ricci_modcluster_var_run_t, ricci_modcluster_var_run_t, ricci_modclusterd_t)
 ')
 
 ########################################

policy/modules/services/rpcbind.if

@@ -34,8 +34,7 @@ interface(`rpcbind_stream_connect',`
 	')
 
 	files_search_pids($1)
-	allow $1 rpcbind_var_run_t:sock_file write;
-	allow $1 rpcbind_t:unix_stream_socket connectto;
+	stream_connect_pattern($1, rpcbind_var_run_t, rpcbind_var_run_t, rpcbind_t)
 ')
 
 ########################################