Use the stream_connect_pattern.
Use stream_connect_pattern. Signed-off-by: Dominick Grift <domg472@gmail.com>
This commit is contained in:
parent
c5e7db7a71
commit
f386b9002d
@ -126,8 +126,7 @@ interface(`ldap_stream_connect',`
|
|||||||
')
|
')
|
||||||
|
|
||||||
files_search_pids($1)
|
files_search_pids($1)
|
||||||
allow $1 slapd_var_run_t:sock_file write;
|
stream_connect_pattern($1, slapd_var_run_t, slapd_var_run_t, slapd_t)
|
||||||
allow $1 slapd_t:unix_stream_socket connectto;
|
|
||||||
|
|
||||||
optional_policy(`
|
optional_policy(`
|
||||||
ldap_stream_connect_dirsrv($1)
|
ldap_stream_connect_dirsrv($1)
|
||||||
@ -150,8 +149,7 @@ interface(`ldap_stream_connect_dirsrv',`
|
|||||||
')
|
')
|
||||||
|
|
||||||
files_search_pids($1)
|
files_search_pids($1)
|
||||||
allow $1 dirsrv_var_run_t:sock_file write;
|
stream_connect_pattern($1, dirsrv_var_run_t, dirsrv_var_run_t, dirsrv_t)
|
||||||
allow $1 dirsrv_t:unix_stream_socket connectto;
|
|
||||||
')
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
|
@ -57,9 +57,8 @@ interface(`munin_stream_connect',`
|
|||||||
type munin_var_run_t, munin_t;
|
type munin_var_run_t, munin_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 munin_t:unix_stream_socket connectto;
|
|
||||||
allow $1 munin_var_run_t:sock_file { getattr write };
|
|
||||||
files_search_pids($1)
|
files_search_pids($1)
|
||||||
|
stream_connect_pattern($1, munin_var_run_t, munin_var_run_t, munin_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
#######################################
|
#######################################
|
||||||
|
Loading…
Reference in New Issue
Block a user