[selinux-policy: 2920/3172] nut patch from Dan Walsh

[Daniel J Walsh]

commit 5271920764523bf0a951a32e97d84e8236dfc6d1
Author: Jeremy Solt <jsolt at tresys.com>
Date:   Mon Aug 30 12:36:53 2010 -0400

    nut patch from Dan Walsh

 policy/modules/services/nut.te |    7 ++++++-
 1 files changed, 6 insertions(+), 1 deletions(-)
---
diff --git a/policy/modules/services/nut.te b/policy/modules/services/nut.te
index 181bd88..58e9487 100644
--- a/policy/modules/services/nut.te
+++ b/policy/modules/services/nut.te
@@ -41,7 +41,7 @@ read_files_pattern(nut_upsd_t, nut_conf_t, nut_conf_t)
 manage_files_pattern(nut_upsd_t, nut_var_run_t, nut_var_run_t)
 manage_dirs_pattern(nut_upsd_t, nut_var_run_t, nut_var_run_t)
 manage_sock_files_pattern(nut_upsd_t, nut_var_run_t, nut_var_run_t)
-files_pid_filetrans(nut_upsd_t, nut_var_run_t, { file sock_file })
+files_pid_filetrans(nut_upsd_t, nut_var_run_t, { dir file sock_file })
 
 kernel_read_kernel_sysctls(nut_upsd_t)
 
@@ -65,6 +65,7 @@ miscfiles_read_localization(nut_upsd_t)
 allow nut_upsmon_t self:capability { dac_override dac_read_search setgid setuid };
 allow nut_upsmon_t self:fifo_file rw_fifo_file_perms;
 allow nut_upsmon_t self:unix_dgram_socket { create_socket_perms sendto };
+allow nut_upsmon_t self:unix_stream_socket { create_socket_perms connectto };
 allow nut_upsmon_t self:tcp_socket create_socket_perms;
 
 read_files_pattern(nut_upsmon_t, nut_conf_t, nut_conf_t)
@@ -103,6 +104,10 @@ miscfiles_read_localization(nut_upsmon_t)
 
 mta_send_mail(nut_upsmon_t)
 
+optional_policy(`
+	shutdown_domtrans(nut_upsmon_t)
+')
+
 ########################################
 #
 # Local policy for upsdrvctl