Linux-Help/selinux-mlogc
1
0
Fork 0
Code Issues Pull requests Releases Wiki Activity

Tuned tcp_socket per audit2allow seperation

Browse source
This commit is contained in:
Eric Renfro 2015-11-09 02:50:17 -05:00
parent fb75c43f97
commit 977bb115b7
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
mlogc.te
View file

@ -1,5 +1,5 @@
policy_module(mlogc,1.0.40) policy_module(mlogc,1.0.41)
######################################## ########################################
# #
@ -104,7 +104,11 @@ allow httpd_t mlogc_log_t:file { write create open };
#============= mlogc_t ============== #============= mlogc_t ==============
allow mlogc_t http_port_t:tcp_socket { create connect name_connect getopt getattr setopt }; allow mlogc_t http_port_t:tcp_socket name_connect;
allow mlogc_t self:tcp_socket { write read };
allow mlogc_t self:tcp_socket { connect getopt getattr create setopt };
#allow mlogc_t http_port_t:tcp_socket { create connect name_connect getopt getattr setopt };
#allow mlogc_t cert_t:dir { write getattr }; #allow mlogc_t cert_t:dir { write getattr };
#allow mlogc_t cert_t:file { read write getattr open lock }; #allow mlogc_t cert_t:file { read write getattr open lock };