Zabbix monitoring RPM
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

30 lines
1.2 KiB

module zabbix-proxy 1.4;
require {
type var_lib_t;
type ping_t;
type initrc_t;
type unlabeled_t;
type zabbix_t;
type zabbix_var_run_t;
type zabbix_var_lib_t;
class file { read getattr };
class sem { unix_read unix_write associate destroy };
class shm { unix_read unix_write associate destroy };
class tcp_socket { create getattr accept shutdown read };
class sock_file { create write unlink };
class netlink_route_socket { create bind };
class process setrlimit;
class unix_stream_socket connectto;
}
#============= ping_t ==============
allow ping_t var_lib_t:file { read getattr };
allow ping_t zabbix_var_lib_t:file { read getattr };
allow initrc_t unlabeled_t:sem { unix_read unix_write associate destroy };
allow initrc_t unlabeled_t:shm { unix_read unix_write associate destroy };
allow unlabeled_t self:tcp_socket { create getattr accept shutdown read };
allow unlabeled_t self:netlink_route_socket { create bind };
allow zabbix_t self:process setrlimit;
allow zabbix_t zabbix_var_run_t:sock_file { create write unlink };
allow zabbix_t self:unix_stream_socket connectto;