From 8ef047dc5bfe7db45da48ca06d894ba3c653c214 Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Fri, 18 Jul 2014 19:53:12 +0000
Subject: [PATCH] Furthermore.

---
 .../base/files/selinux/fi-collectd.mod        | Bin 1439 -> 1612 bytes
 .../base/files/selinux/fi-collectd.pp         | Bin 1455 -> 1628 bytes
 .../base/files/selinux/fi-collectd.te         |   6 ++++--
 3 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/roles/collectd/base/files/selinux/fi-collectd.mod b/roles/collectd/base/files/selinux/fi-collectd.mod
index e37ce5c8674af964558be4a8f57f028e15640053..9247a19bf7b0c1d616201854a6ab8d8065af3a83 100644
GIT binary patch
delta 240
zcmbQweTHX(1EbMI#~?W-1_lNY27$E9oK$uwKeZw?xwK^BqB|Tc3=9k)Joy%*0(WwL
zURq{)T5)^{>tsbH;mPk9dAO1?^WsamK&mF+XOy0Nfst?W7Dk!LzZmTpStieAl4j(X
z{E$g}@&zV=$pS1qljkvVOrF5R!3wq+Mc!ia0Y;9=YnXVDbjUDEOb%dXnf!-I0WQii
y`2w>D$c)J$%n^+IlO0*iCqH4<VPxJc$fCi>$THcARhFHVfq@|@GjFmdYZw4_T0OV`

delta 177
zcmX@ZGoO2c1Eb+Y#~^-21_lNY27$E9oQWIna56J6Fn}=E<O7WI9Lf24X_@J1#gloM
zl=zeLb8=FXOH$%XxEL51m?j%C3r}9l$T3-u$&QhE@<k@;$ra2JlNT`QOg3OvfU*T9
zi!f_UUcf8@<+Dt_z+5s}fkk5S2Ns3NH7q)lH!$%`e!#@D`2dR`qX5`u1_lPWz28{F
E09nH?CjbBd

diff --git a/roles/collectd/base/files/selinux/fi-collectd.pp b/roles/collectd/base/files/selinux/fi-collectd.pp
index 996ef20b9b9192bdd5281b4eb6a237cdf2d172f6..67a5db1f6ffef727c6cb41589bd5719c3f77327a 100644
GIT binary patch
delta 240
zcmZ3_eTQd40He{wz#us$1_lNY27$E9oK$uwKeZw?xwK^BraK%g3=9k)Joy!)0(WwL
zURq{)T5)^{>tsVF;mQ9PdAO1?^WsamK&mFcXOy1&fRS(V5k{HGTugS1ER)wVNi%Xx
z{>UUg`2mx_WCa$U$?F(7CNE&(U<KQZB5yJI0wc%dJxn}EI&_#NCMPhnOy*%$fQzzB
ye!wgOGGlTIa|9#*<Ukhl$zPat7@0RKvS=_evP|}3m1SpTU|>kf%$pp^8U_Hc9zGfX

delta 176
zcmcb^vz~iG0Hfi=z#x7`1_lNY27$E9oQVhTa56J6Fn}=E<O_`Q9Lf24X_@J1#gk>2
zl=zeLb8=FXOH$%XxEL51m?k?i3s2t5$T8WD$&QhE@<S%+$sNoRlQ%HwOm<*afU*T9
zt1xR!-oPvZ<+DtFz+5uffJI^wtHR_S7M;lln0O|CVB*<)fklu}0BkV>0|VSzHnuPT
Dol7q0

diff --git a/roles/collectd/base/files/selinux/fi-collectd.te b/roles/collectd/base/files/selinux/fi-collectd.te
index afc648d56f..b3a7375621 100644
--- a/roles/collectd/base/files/selinux/fi-collectd.te
+++ b/roles/collectd/base/files/selinux/fi-collectd.te
@@ -1,16 +1,18 @@
 
-module fi-collectd 1.1;
+module fi-collectd 1.2;
 
 require {
+	type bin_t;
 	type configfs_t;
 	type pstorefs_t;
 	type collectd_t;
 	class capability { setuid dac_read_search sys_ptrace setgid dac_override };
-	class file read;
+	class file { read execute };
 	class dir getattr;
 }
 
 #============= collectd_t ==============
+allow collectd_t bin_t:file execute;
 allow collectd_t configfs_t:dir getattr;
 allow collectd_t pstorefs_t:dir getattr;
 allow collectd_t self:capability { setuid dac_read_search sys_ptrace setgid dac_override };