Use the stream_connect_pattern.
Use stream_connect_pattern. Signed-off-by: Dominick Grift <domg472@gmail.com>
This commit is contained in:
parent
c5e7db7a71
commit
f386b9002d
@ -126,11 +126,10 @@ interface(`ldap_stream_connect',`
|
||||
')
|
||||
|
||||
files_search_pids($1)
|
||||
allow $1 slapd_var_run_t:sock_file write;
|
||||
allow $1 slapd_t:unix_stream_socket connectto;
|
||||
stream_connect_pattern($1, slapd_var_run_t, slapd_var_run_t, slapd_t)
|
||||
|
||||
optional_policy(`
|
||||
ldap_stream_connect_dirsrv($1)
|
||||
ldap_stream_connect_dirsrv($1)
|
||||
')
|
||||
')
|
||||
|
||||
@ -150,8 +149,7 @@ interface(`ldap_stream_connect_dirsrv',`
|
||||
')
|
||||
|
||||
files_search_pids($1)
|
||||
allow $1 dirsrv_var_run_t:sock_file write;
|
||||
allow $1 dirsrv_t:unix_stream_socket connectto;
|
||||
stream_connect_pattern($1, dirsrv_var_run_t, dirsrv_var_run_t, dirsrv_t)
|
||||
')
|
||||
|
||||
########################################
|
||||
|
@ -57,9 +57,8 @@ interface(`munin_stream_connect',`
|
||||
type munin_var_run_t, munin_t;
|
||||
')
|
||||
|
||||
allow $1 munin_t:unix_stream_socket connectto;
|
||||
allow $1 munin_var_run_t:sock_file { getattr write };
|
||||
files_search_pids($1)
|
||||
stream_connect_pattern($1, munin_var_run_t, munin_var_run_t, munin_t)
|
||||
')
|
||||
|
||||
#######################################
|
||||
|
Loading…
Reference in New Issue
Block a user