Infrastructure/ansible
1
0
Fork 0
Code Issues Pull requests 6 Projects Releases Packages Wiki Activity Actions

And.. talk to the sock.

Browse source
This commit is contained in:
Ralph Bean 2014-07-18 20:03:55 +00:00
parent 28bd3996a7
commit e0bbc8fe6e
3 changed files with 4 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

BIN
roles/collectd/base/files/selinux/fi-collectd.mod
View file

Binary file not shown.

BIN
roles/collectd/base/files/selinux/fi-collectd.pp
View file

Binary file not shown.

5
roles/collectd/base/files/selinux/fi-collectd.te
View file

@ -1,11 +1,13 @@
module fi-collectd 1.3; module fi-collectd 1.4;
require { require {
type var_run_t;
type bin_t; type bin_t;
type configfs_t; type configfs_t;
type pstorefs_t; type pstorefs_t;
type collectd_t; type collectd_t;
class sock_file getattr;
class capability { setuid dac_read_search sys_ptrace setgid dac_override }; class capability { setuid dac_read_search sys_ptrace setgid dac_override };
class file { read execute execute_no_trans }; class file { read execute execute_no_trans };
class dir getattr; class dir getattr;
@ -16,3 +18,4 @@ allow collectd_t bin_t:file { execute execute_no_trans };
allow collectd_t configfs_t:dir getattr; allow collectd_t configfs_t:dir getattr;
allow collectd_t pstorefs_t:dir getattr; allow collectd_t pstorefs_t:dir getattr;
allow collectd_t self:capability { setuid dac_read_search sys_ptrace setgid dac_override }; allow collectd_t self:capability { setuid dac_read_search sys_ptrace setgid dac_override };
allow collectd_t var_run_t:sock_file getattr;