[selinux-policy: 1763/3172] trunk: nagios update from dan
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 21:37:21 UTC 2010
commit 02f2c3e979679a84354958543d3ed79019243f42
Author: Chris PeBenito <cpebenito at tresys.com>
Date: Thu Jun 21 17:23:19 2007 +0000
trunk: nagios update from dan
policy/modules/services/nagios.te | 18 +++++++-----------
1 files changed, 7 insertions(+), 11 deletions(-)
---
diff --git a/policy/modules/services/nagios.te b/policy/modules/services/nagios.te
index 777cc15..cb5bf91 100644
--- a/policy/modules/services/nagios.te
+++ b/policy/modules/services/nagios.te
@@ -1,5 +1,5 @@
-policy_module(nagios,1.2.0)
+policy_module(nagios,1.2.1)
########################################
#
@@ -73,8 +73,10 @@ corenet_tcp_sendrecv_all_nodes(nagios_t)
corenet_udp_sendrecv_all_nodes(nagios_t)
corenet_tcp_sendrecv_all_ports(nagios_t)
corenet_udp_sendrecv_all_ports(nagios_t)
+corenet_tcp_connect_all_ports(nagios_t)
dev_read_sysfs(nagios_t)
+dev_read_urand(nagios_t)
domain_use_interactive_fds(nagios_t)
# for ps
@@ -97,8 +99,6 @@ logging_send_syslog_msg(nagios_t)
miscfiles_read_localization(nagios_t)
-sysnet_read_config(nagios_t)
-
userdom_dontaudit_use_unpriv_user_fds(nagios_t)
userdom_dontaudit_search_sysadm_home_dirs(nagios_t)
@@ -111,17 +111,13 @@ ifdef(`targeted_policy',`
')
optional_policy(`
- netutils_domtrans_ping(nagios_t)
- netutils_signal_ping(nagios_t)
- netutils_kill_ping(nagios_t)
-
- # cjp: leaked file descriptors:
- #dontaudit ping_t nagios_etc_t:file read;
- #dontaudit ping_t nagios_log_t:fifo_file read;
+ auth_use_nsswitch(nagios_t)
')
optional_policy(`
- nis_use_ypbind(nagios_t)
+ netutils_domtrans_ping(nagios_t)
+ netutils_signal_ping(nagios_t)
+ netutils_kill_ping(nagios_t)
')
optional_policy(`
More information about the scm-commits
mailing list