Use the stream_connect_pattern.

Use stream_connect_pattern.

Signed-off-by: Dominick Grift <domg472@gmail.com>
This commit is contained in:
Dominick Grift 2010-09-15 12:31:03 +02:00
parent c5e7db7a71
commit f386b9002d
2 changed files with 4 additions and 7 deletions

View File

@ -126,8 +126,7 @@ interface(`ldap_stream_connect',`
') ')
files_search_pids($1) files_search_pids($1)
allow $1 slapd_var_run_t:sock_file write; stream_connect_pattern($1, slapd_var_run_t, slapd_var_run_t, slapd_t)
allow $1 slapd_t:unix_stream_socket connectto;
optional_policy(` optional_policy(`
ldap_stream_connect_dirsrv($1) ldap_stream_connect_dirsrv($1)
@ -150,8 +149,7 @@ interface(`ldap_stream_connect_dirsrv',`
') ')
files_search_pids($1) files_search_pids($1)
allow $1 dirsrv_var_run_t:sock_file write; stream_connect_pattern($1, dirsrv_var_run_t, dirsrv_var_run_t, dirsrv_t)
allow $1 dirsrv_t:unix_stream_socket connectto;
') ')
######################################## ########################################

View File

@ -57,9 +57,8 @@ interface(`munin_stream_connect',`
type munin_var_run_t, munin_t; type munin_var_run_t, munin_t;
') ')
allow $1 munin_t:unix_stream_socket connectto;
allow $1 munin_var_run_t:sock_file { getattr write };
files_search_pids($1) files_search_pids($1)
stream_connect_pattern($1, munin_var_run_t, munin_var_run_t, munin_t)
') ')
####################################### #######################################