mirror of
https://git.lapiole.org/dani/ansible-roles.git
synced 2025-04-16 10:13:26 +02:00
22 lines
686 B
Plaintext
22 lines
686 B
Plaintext
module zabbix_proxy 1.2;
|
|
|
|
require {
|
|
type zabbix_var_run_t;
|
|
type zabbix_var_lib_t;
|
|
type zabbix_t;
|
|
type ping_t;
|
|
class sock_file { create unlink };
|
|
class unix_stream_socket connectto;
|
|
class file { getattr read execute execute_no_trans };
|
|
class capability dac_override;
|
|
}
|
|
|
|
#============= ping_t ==============
|
|
allow ping_t zabbix_var_lib_t:file { getattr read };
|
|
|
|
#============= zabbix_t ==============
|
|
allow zabbix_t self:unix_stream_socket connectto;
|
|
allow zabbix_t zabbix_var_run_t:sock_file { create unlink };
|
|
allow zabbix_t self:capability dac_override;
|
|
allow zabbix_t zabbix_var_lib_t:file { execute execute_no_trans };
|