Zabbix monitoring RPM
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 

34 lines
1.4 KiB

module zabbix-server 1.4;
require {
type devlog_t;
type zabbix_t;
type ping_t;
type syslogd_t;
type sudo_exec_t;
type zabbix_var_lib_t;
type zabbix_var_run_t;
class process { setrlimit setpgid };
class capability { sys_resource audit_write };
class file { execute read create ioctl execute_no_trans write getattr unlink open };
class netlink_audit_socket { nlmsg_relay create };
class sock_file { create write unlink };
class unix_dgram_socket { create connect sendto };
class dir { write remove_name add_name };
class key write;
class unix_stream_socket connectto;
}
allow ping_t zabbix_var_lib_t:file { read getattr };
allow zabbix_t devlog_t:sock_file write;
allow zabbix_t self:capability { sys_resource audit_write };
allow zabbix_t self:netlink_audit_socket { nlmsg_relay create };
allow zabbix_t self:process { setrlimit setpgid };
allow zabbix_t self:unix_dgram_socket { create connect };
allow zabbix_t self:key write;
allow zabbix_t sudo_exec_t:file { read execute open execute_no_trans };
allow zabbix_t syslogd_t:unix_dgram_socket sendto;
allow zabbix_t zabbix_var_lib_t:dir { write remove_name add_name };
allow zabbix_t zabbix_var_lib_t:file { execute read create getattr execute_no_trans write ioctl unlink open };
allow zabbix_t self:unix_stream_socket connectto;
allow zabbix_t zabbix_var_run_t:sock_file { create write unlink };