20 lines
461 B
Text
20 lines
461 B
Text
policy_module(centos-zabbix-agent, 1.1)
|
|
|
|
require{
|
|
type zabbix_agent_t;
|
|
type zabbix_t;
|
|
type ping_t;
|
|
type zabbix_tmp_t;
|
|
class process setrlimit;
|
|
}
|
|
|
|
allow ping_t zabbix_tmp_t:file read_file_perms;
|
|
allow ping_t zabbix_t:tcp_socket { read write };
|
|
allow zabbix_agent_t self:process setrlimit;
|
|
|
|
kernel_read_network_state(zabbix_agent_t)
|
|
domain_read_all_domains_state(zabbix_agent_t)
|
|
dev_read_sysfs(zabbix_agent_t)
|
|
corenet_tcp_connect_all_ports(zabbix_agent_t)
|
|
|
|
|