23 lines
638 B
Plaintext
23 lines
638 B
Plaintext
module zabbix_policy 1.2;
|
|
|
|
require {
|
|
type zabbix_t;
|
|
type zabbix_port_t;
|
|
type zabbix_var_run_t;
|
|
type postgresql_port_t;
|
|
type httpd_t;
|
|
class tcp_socket name_connect;
|
|
class sock_file { create unlink };
|
|
class unix_stream_socket connectto;
|
|
}
|
|
|
|
#============= zabbix_t ==============
|
|
allow zabbix_t self:unix_stream_socket connectto;
|
|
allow zabbix_t zabbix_port_t:tcp_socket name_connect;
|
|
allow zabbix_t zabbix_var_run_t:sock_file create;
|
|
allow zabbix_t zabbix_var_run_t:sock_file unlink;
|
|
allow httpd_t zabbix_port_t:tcp_socket name_connect;
|
|
|
|
#============= httpd_t ==============
|
|
allow httpd_t postgresql_port_t:tcp_socket name_connect;
|