17 lines
467 B
Plaintext
17 lines
467 B
Plaintext
|
module nagios-socket 1.1;
|
||
|
|
|
||
|
|
require {
|
||
|
|
type nagios_t;
|
||
|
|
type nagios_spool_t;
|
||
|
|
class sock_file { write create unlink };
|
||
|
|
class unix_stream_socket connectto;
|
||
|
|
}
|
||
|
|
|
||
|
|
|
||
|
|
#============= nagios_t ==============
|
||
|
|
|
||
|
|
#!!!! This avc is allowed in the current policy
|
||
|
|
allow nagios_t nagios_spool_t:sock_file { write create unlink };
|
||
|
|
#!!!! This avc can be allowed using the boolean 'daemons_enable_cluster_mode'
|
||
|
|
allow nagios_t self:unix_stream_socket connectto;
|