## Net Saint / NAGIOS - network monitoring server ######################################## ## ## Allow the specified domain to read ## nagios configuration files. ## ## ## ## Domain allowed access. ## ## ## # interface(`nagios_read_config',` gen_require(` type nagios_etc_t; ') allow $1 nagios_etc_t:dir list_dir_perms; allow $1 nagios_etc_t:file r_file_perms; files_search_etc($1) ') ######################################## ## ## Allow the specified domain to read ## nagios temporary files. ## ## ## ## Domain allowed access. ## ## # interface(`nagios_read_tmp_files',` gen_require(` type nagios_tmp_t; ') allow $1 nagios_tmp_t:file r_file_perms; files_search_tmp($1) ') ######################################## ## ## Execute the nagios CGI with ## a domain transition. ## ## ## ## Domain allowed access. ## ## # interface(`nagios_domtrans_cgi',` gen_require(` type nagios_cgi_t, nagios_cgi_exec_t; ') domain_auto_trans($1,nagios_cgi_exec_t,nagios_cgi_t) allow nagios_cgi_t $1:fd use; allow nagios_cgi_t $1:fifo_file rw_file_perms; allow nagios_cgi_t $1:process sigchld; ') ######################################## ## ## Execute the nagios NRPE with ## a domain transition. ## ## ## ## Domain allowed access. ## ## # interface(`nagios_domtrans_nrpe',` gen_require(` type nrpe_t, nrpe_exec_t; ') domain_auto_trans($1,nrpe_exec_t,nrpe_t) allow nrpe_t $1:fd use; allow nrpe_t $1:fifo_file rw_file_perms; allow nrpe_t $1:process sigchld; ')