File nrpe_epel6.te of Package nrpe3 (Revision efaf26e10b50477c10834f9b63c0f06a)
Currently displaying revision efaf26e10b50477c10834f9b63c0f06a, show latest
1
# this file was contributed by David Galloway. Thank you.
2
module nrpe_epel 1.0;
3
4
require {
5
type fsadm_exec_t;
6
type hostname_exec_t;
7
type hwdata_t;
8
type nrpe_t;
9
type scsi_generic_device_t;
10
type tmp_t;
11
class capability { sys_admin sys_rawio };
12
class chr_file { ioctl open read write };
13
class dir { add_name remove_name search write };
14
class file { create execute getattr open read unlink write };
15
class unix_dgram_socket sendto;
16
}
17
18
#============= nrpe_t ==============
19
20
allow nrpe_t fsadm_exec_t:file { execute getattr open read };
21
allow nrpe_t hostname_exec_t:file execute;
22
allow nrpe_t hwdata_t:dir search;
23
allow nrpe_t hwdata_t:file { getattr open read };
24
allow nrpe_t scsi_generic_device_t:chr_file { ioctl open read write };
25
allow nrpe_t self:capability { sys_admin sys_rawio };
26
allow nrpe_t self:unix_dgram_socket sendto;
27
allow nrpe_t tmp_t:dir { add_name remove_name write };
28
allow nrpe_t tmp_t:file unlink;
29
allow nrpe_t tmp_t:file { create open write };
30