tyler.durden
/
icinga2
mirror of https://github.com/Icinga/icinga2.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Selinux: Added capabilities and database support 

refs #8332
This commit is contained in:
Dirk Goetz 2015-02-27 09:47:45 +00:00 committed by Michael Friedrich
parent 1911209a45
commit 7351ab0f6b
1 changed files with 8 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
tools/selinux/icinga2.te
View File

@ -48,7 +48,8 @@ corenet_port(icinga2_port_t)
#
# icinga2 local policy
#
allow icinga2_t self:capability { setgid setuid };
allow icinga2_t self:capability { setgid setuid sys_resource };
allow icinga2_t self:process { setsched signal setrlimit };
allow icinga2_t self:fifo_file rw_fifo_file_perms;
allow icinga2_t self:unix_stream_socket create_stream_socket_perms;
@ -95,6 +96,12 @@ icinga2_execstrans(nagios_system_plugin_exec_t, nagios_system_plugin_t)
allow icinga2_t icinga2_port_t:tcp_socket name_bind;
allow icinga2_t self:tcp_socket create_stream_socket_perms;
mysql_stream_connect(icinga2_t)
mysql_tcp_connect(icinga2_t)
postgresql_stream_connect(icinga2_t)
postgresql_tcp_connect(icinga2_t)
########################################
#
# Icinga Webinterfaces