From 620beb87f382ec483b25f38332ec231e1dfc4fad Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Fri, 18 Jul 2014 20:09:15 +0000
Subject: [PATCH] Don't forget the unix_stream_socket.

---
 .../base/files/selinux/fi-collectd.mod        | Bin 1924 -> 2201 bytes
 .../base/files/selinux/fi-collectd.pp         | Bin 1940 -> 2217 bytes
 .../base/files/selinux/fi-collectd.te         |   5 ++++-
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/roles/collectd/base/files/selinux/fi-collectd.mod b/roles/collectd/base/files/selinux/fi-collectd.mod
index 9f77dcfb391c6ef0721cdbd9a35e471c45244871..ba2404df1d4e5200be796c2f998d3d43d04c6e54 100644
GIT binary patch
delta 366
zcmZXQPfEj35XNWTd-MDk3DsH(DMZ1Aid5*r?5u8FyLS;JMhVtL>=Szc_cja)BJ>Wf
z1-*e+s8{d?GL1;lf!X}NZ-)8i&VQ;6_i?v8sMiPpq%~AU<=G~ha(GBf0(ea=Z{OtE
zAnv>C^yD(`7s*BH<^TWzASv=ZO`I#{f5!F8*vCZ+0MbG=k5s@7wS$(gRJf4knTwq$
zRun%edc8Dprxl}#`(B-+<#!$6DtAr5ZM{KeGBM3O9_bbmzv}SU=dm&^URQPg(B2f?
zGfk3%i9=JlBa+DBpN((kh&$Bew)U{gV~UXYnIhT7kMxPew|1)`ulfHJez3=A`O9`@
LCA<XXm6_rj$vsk{

delta 230
zcmYj~F=_%)6h-fQ^Zy?WV`d~%h>ke51|xxhV3R<w6~xX;EV6)*1qjpYaI28UB?!qH
zlGY`-1Koi#3c=zuhs(L2)ht{+%TxXmR}6px4*<B(yZoarUcMTZZwdoIzv~i;wE!%;
zI_6eW{^~6=O?c2Zu}n>af2PL07xBwWY!P!;_MVx>d@#ZPYHpJAwE!3RV>)bVz@v-G
sg;fBpt474B3%Ine5^`e)3|%UQJ=fv8+lk@CZ*%RB#PZ-jvR|5=0IuRQvH$=8

diff --git a/roles/collectd/base/files/selinux/fi-collectd.pp b/roles/collectd/base/files/selinux/fi-collectd.pp
index 645bc0651d506155ff7a7a4dd59aa5f99d1927ad..33574ab37b8bbc42170423fad785508c42f048c0 100644
GIT binary patch
delta 366
zcmZXQ%}T>i5QS&%y>shNB(xSOv=BFnicl0Wy9zE`YF)bs5`zS50`@9hx^rt7_qtIK
zq2O}}`Uc_~^c7?pk)i{$`OcYP&fNLW)!Qy^7l-vK0f4lIvZ%OPMN>TNQB44EsQLBF
zEFDCBcaa>QNBulLOWZU7AOOU9mL;)s`OMF_ejWKZX8}N3sOF(+^0I29<!cqprdjGD
zCyEutkMmwHiQP%bXzadMr)c>@H*t{<Op`l$h0J(jl6gGTEhK)^!LQHbnrZQts`IDz
zCg{FtkQ_|hHl;fxi5&dd_-?wqOAYR54|jM(Arik(DBJjnzL5CFt}V!G{y&8u?GakW
O%I1`Wm!P~<$-e=b>QsXO

delta 228
zcmYj~J!%4B6h-fQ-_ML;;*4k^I-s>i2mvcWEkx`z*?}NfSY`=g?|7$A+K?uY4W!5#
zOzTbz6Cqff=5RUpt&+$4h4iz>+N}jpU;u!bR<m70O!hi0-4q6Zes&}l=Kwek^@%5K
z^QdL!njXwr9Pe$DKeo=ZN%(G3SG4?<y<@I5j%@V5dba7`vj7+PZM*Dg#5hPwg;fBp
ot46|&kNDyy67$Oq*z#?$9Q!V}{v?*Gpu>+~F76OMa276q0i?e(LjV8(

diff --git a/roles/collectd/base/files/selinux/fi-collectd.te b/roles/collectd/base/files/selinux/fi-collectd.te
index b1ceef9244..14526f9e52 100644
--- a/roles/collectd/base/files/selinux/fi-collectd.te
+++ b/roles/collectd/base/files/selinux/fi-collectd.te
@@ -1,13 +1,15 @@
 
-module fi-collectd 1.5;
+module fi-collectd 1.6;
 
 require {
 	type var_run_t;
 	type bin_t;
 	type configfs_t;
+	type init_t;
 	type pstorefs_t;
 	type collectd_t;
 	class sock_file { read write getattr };
+	class unix_stream_socket connectto;
 	class capability { setuid dac_read_search sys_ptrace setgid dac_override };
 	class file { read execute execute_no_trans };
 	class dir getattr;
@@ -16,6 +18,7 @@ require {
 #============= collectd_t ==============
 allow collectd_t bin_t:file { execute execute_no_trans };
 allow collectd_t configfs_t:dir getattr;
+allow collectd_t init_t:unix_stream_socket connectto;
 allow collectd_t pstorefs_t:dir getattr;
 allow collectd_t self:capability { setuid dac_read_search sys_ptrace setgid dac_override };
 allow collectd_t var_run_t:sock_file { read write getattr };