Edit File: nagios_epel6.te
# Local SELinux policy module that adds allow rules on top of the
# distribution Nagios policy. Every rule below widens what a confined Nagios
# domain may do, so each one should map to a denial that was actually
# observed and understood.
# NOTE(review): the section banners in the original match audit2allow's
# output format, so these rules were presumably generated from AVC denials;
# confirm each is still required before shipping.
# NOTE(review): the module is declared as nagios_epel; if the source file is
# named differently, confirm the build, since some checkmodule versions
# complain when the module name and the output file base name differ.
module nagios_epel 1.1;

require {
    # Object classes and the permissions used by the rules below.
    class capability chown;
    class file { execute execute_no_trans getattr open read };
    class sock_file { create unlink write };
    class unix_dgram_socket { connect create sendto };
    class unix_stream_socket connectto;

    # Types that must already exist in the loaded policy.
    type devlog_t;
    type hostname_exec_t;
    type httpd_nagios_script_t;
    # NOTE(review): no rule in this module references initrc_tmp_t. The
    # require is harmless when the type exists, but loading fails if it does
    # not; consider dropping it.
    type initrc_tmp_t;
    type kernel_t;
    type ldconfig_exec_t;
    type nagios_exec_t;
    type nagios_services_plugin_t;
    type nagios_spool_t;
    type nagios_system_plugin_t;
    type nagios_t;
}

# ---- nagios_t (the Nagios daemon domain) ----

# execute_no_trans runs the target binary inside nagios_t itself, with no
# domain transition, so the child keeps every permission nagios_t has.
allow nagios_t hostname_exec_t:file { execute execute_no_trans getattr open read };
# NOTE(review): running ldconfig without a transition is unusual for a
# monitoring daemon; check which check or wrapper triggered this denial.
allow nagios_t ldconfig_exec_t:file { execute execute_no_trans open read };
allow nagios_t nagios_exec_t:file execute_no_trans;

# Create, remove and write socket files labelled nagios_spool_t.
allow nagios_t nagios_spool_t:sock_file { create unlink write };

# Connect to a stream socket owned by another nagios_t process.
allow nagios_t self:unix_stream_socket connectto;

# Permits use of CAP_CHOWN. SELinux still limits which objects nagios_t can
# reach, but within that set the capability bypasses ownership checks.
# NOTE(review): confirm this is needed rather than fixing file ownership at
# install time.
allow nagios_t self:capability chown;

# ---- nagios_services_plugin_t ----

# Datagram logging path: create and connect a unix datagram socket, write to
# the devlog_t socket file, and send to a peer socket labelled kernel_t.
# NOTE(review): a kernel_t peer label on the log socket usually reflects how
# the log daemon's socket was created on this host; verify rather than
# assume.
allow nagios_services_plugin_t self:unix_dgram_socket { connect create };
allow nagios_services_plugin_t devlog_t:sock_file write;
allow nagios_services_plugin_t kernel_t:unix_dgram_socket sendto;

# ---- read-only access to files labelled nagios_spool_t ----

# The web CGI domain and the system plugin domain may stat, open and read
# spool files; no write permission is granted to either.
allow httpd_nagios_script_t nagios_spool_t:file { getattr open read };
allow nagios_system_plugin_t nagios_spool_t:file { getattr open read };