[selinux-policy: 2966/3172] Use admin_pattern. Allow nslcd_admin to search parent directories to be able to interact with nslcd

[Daniel J Walsh]

commit b6d0a79f2c8592c941525c57d653e7621338b0c8
Author: Dominick Grift <domg472 at gmail.com>
Date:   Wed Sep 15 12:56:18 2010 +0200

    Use admin_pattern. Allow nslcd_admin to search parent directories to be able to interact with nslcd content.
    
    Signed-off-by: Dominick Grift <domg472 at gmail.com>

 policy/modules/services/nslcd.if |    8 ++++----
 1 files changed, 4 insertions(+), 4 deletions(-)
---
diff --git a/policy/modules/services/nslcd.if b/policy/modules/services/nslcd.if
index 23c769c..b94add1 100644
--- a/policy/modules/services/nslcd.if
+++ b/policy/modules/services/nslcd.if
@@ -106,9 +106,9 @@ interface(`nslcd_admin',`
 	role_transition $2 nslcd_initrc_exec_t system_r;
 	allow $2 system_r;
 
-	manage_files_pattern($1, nslcd_conf_t, nslcd_conf_t)
+	files_search_etc($1)
+	admin_pattern($1, nslcd_conf_t)
 
-	manage_dirs_pattern($1, nslcd_var_run_t, nslcd_var_run_t)
-	manage_files_pattern($1, nslcd_var_run_t, nslcd_var_run_t)
-	manage_lnk_files_pattern($1, nslcd_var_run_t, nslcd_var_run_t)
+	files_search_pids($1)
+	admin_pattern($1, nslcd_var_run_t, nslcd_var_run_t)
 ')