selinux-refpolicy/policy/modules/services/setroubleshoot.if

22 lines
525 B
Plaintext

## <summary>SELinux troubleshooting service</summary>
########################################
## <summary>
## Connect to setroubleshootd over an unix stream socket.
## </summary>
## <param name="domain">
## <summary>
## Domain allowed access.
## </summary>
## </param>
#
interface(`setroubleshoot_stream_connect',`
gen_require(`
type setroubleshootd_t, setroubleshoot_var_run_t;
')
files_search_pids($1)
allow $1 setroubleshoot_var_run_t:sock_file write;
allow $1 setroubleshootd_t:unix_stream_socket connectto;
')