From f386b9002d4b8693ca592b9a567f25ea5dfaf87f Mon Sep 17 00:00:00 2001 From: Dominick Grift Date: Wed, 15 Sep 2010 12:31:03 +0200 Subject: [PATCH] Use the stream_connect_pattern. Use stream_connect_pattern. Signed-off-by: Dominick Grift --- policy/modules/services/ldap.if | 8 +++----- policy/modules/services/munin.if | 3 +-- 2 files changed, 4 insertions(+), 7 deletions(-) diff --git a/policy/modules/services/ldap.if b/policy/modules/services/ldap.if index e5684f44..d15f94d8 100644 --- a/policy/modules/services/ldap.if +++ b/policy/modules/services/ldap.if @@ -126,11 +126,10 @@ interface(`ldap_stream_connect',` ') files_search_pids($1) - allow $1 slapd_var_run_t:sock_file write; - allow $1 slapd_t:unix_stream_socket connectto; + stream_connect_pattern($1, slapd_var_run_t, slapd_var_run_t, slapd_t) optional_policy(` - ldap_stream_connect_dirsrv($1) + ldap_stream_connect_dirsrv($1) ') ') @@ -150,8 +149,7 @@ interface(`ldap_stream_connect_dirsrv',` ') files_search_pids($1) - allow $1 dirsrv_var_run_t:sock_file write; - allow $1 dirsrv_t:unix_stream_socket connectto; + stream_connect_pattern($1, dirsrv_var_run_t, dirsrv_var_run_t, dirsrv_t) ') ######################################## diff --git a/policy/modules/services/munin.if b/policy/modules/services/munin.if index 50467384..dda8ca9c 100644 --- a/policy/modules/services/munin.if +++ b/policy/modules/services/munin.if @@ -57,9 +57,8 @@ interface(`munin_stream_connect',` type munin_var_run_t, munin_t; ') - allow $1 munin_t:unix_stream_socket connectto; - allow $1 munin_var_run_t:sock_file { getattr write }; files_search_pids($1) + stream_connect_pattern($1, munin_var_run_t, munin_var_run_t, munin_t) ') #######################################