Use the stream_connect_pattern.

Use stream_connect_pattern.

Signed-off-by: Dominick Grift <domg472@gmail.com>
This commit is contained in:
Dominick Grift 2010-09-15 12:31:03 +02:00
parent c5e7db7a71
commit f386b9002d
2 changed files with 4 additions and 7 deletions

View File

@ -126,8 +126,7 @@ interface(`ldap_stream_connect',`
')
files_search_pids($1)
allow $1 slapd_var_run_t:sock_file write;
allow $1 slapd_t:unix_stream_socket connectto;
stream_connect_pattern($1, slapd_var_run_t, slapd_var_run_t, slapd_t)
optional_policy(`
ldap_stream_connect_dirsrv($1)
@ -150,8 +149,7 @@ interface(`ldap_stream_connect_dirsrv',`
')
files_search_pids($1)
allow $1 dirsrv_var_run_t:sock_file write;
allow $1 dirsrv_t:unix_stream_socket connectto;
stream_connect_pattern($1, dirsrv_var_run_t, dirsrv_var_run_t, dirsrv_t)
')
########################################

View File

@ -57,9 +57,8 @@ interface(`munin_stream_connect',`
type munin_var_run_t, munin_t;
')
allow $1 munin_t:unix_stream_socket connectto;
allow $1 munin_var_run_t:sock_file { getattr write };
files_search_pids($1)
stream_connect_pattern($1, munin_var_run_t, munin_var_run_t, munin_t)
')
#######################################