Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

Try to set the collectd redis monitoring straight with selinux.

Browse source
This commit is contained in:
Ralph Bean 2014-11-17 02:31:59 +00:00
parent 6928ea27fc
commit 7ff8a5e85b
4 changed files with 56 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.mod Normal file
View file

Binary file not shown.

BIN
roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.pp Normal file
View file

Binary file not shown.

17
roles/collectd/fcomm-queue/files/selinux/fi-collectd-fcomm.te Normal file
View file

@ -0,0 +1,17 @@
module fi-collectd-fcomm 1.0;
require {
type bin_t;
type collectd_t;
type ldconfig_exec_t;
type shell_exec_t;
class file { read getattr open ioctl execute execute_no_trans };
class lnk_file { read };
}
allow collectd_t bin_t:file ioctl;
allow collectd_t bin_t:lnk_file read;
allow collectd_t ldconfig_exec_t:file { read execute open execute_no_trans };
allow collectd_t shell_exec_t:file { getattr execute_no_trans };