Tuned tcp_socket per audit2allow seperation

This commit is contained in:
Eric Renfro 2015-11-09 02:50:17 -05:00
parent fb75c43f97
commit 977bb115b7

View file

@ -1,5 +1,5 @@
policy_module(mlogc,1.0.40)
policy_module(mlogc,1.0.41)
########################################
#
@ -104,7 +104,11 @@ allow httpd_t mlogc_log_t:file { write create open };
#============= mlogc_t ==============
allow mlogc_t http_port_t:tcp_socket { create connect name_connect getopt getattr setopt };
allow mlogc_t http_port_t:tcp_socket name_connect;
allow mlogc_t self:tcp_socket { write read };
allow mlogc_t self:tcp_socket { connect getopt getattr create setopt };
#allow mlogc_t http_port_t:tcp_socket { create connect name_connect getopt getattr setopt };
#allow mlogc_t cert_t:dir { write getattr };
#allow mlogc_t cert_t:file { read write getattr open lock };