Sophie: selinux-policy-2.4.6-255.el5

selinux-policy-2.4.6-255.el5_4.1.src.rpm

--- serefpolicy-2.4.6/policy/modules/services/cyrus.te~	2009-09-21 10:46:03.000000000 +0200
+++ serefpolicy-2.4.6/policy/modules/services/cyrus.te	2009-09-21 10:48:32.000000000 +0200
@@ -146,6 +146,7 @@
 
 optional_policy(`
 	snmp_read_snmp_var_lib_files(cyrus_t)
+	snmp_stream_connect(cyrus_t)
 	snmp_dontaudit_write_snmp_var_lib_files(cyrus_t)
 ')
 
--- serefpolicy-2.4.6/policy/modules/services/snmp.if~	2009-09-21 10:45:43.000000000 +0200
+++ serefpolicy-2.4.6/policy/modules/services/snmp.if	2009-09-21 10:48:09.000000000 +0200
@@ -82,3 +82,22 @@
 	')
 	dontaudit $1 snmpd_var_lib_t:file write;
 ')
+
+#######################################
+## <summary>
+## 	Connect to snmpd using a unix domain stream socket.
+## </summary>
+## <param name="domain">
+## 	<summary>
+## 	Domain allowed access.
+## 	</summary>
+## </param>
+#
+interface(`snmp_stream_connect',`
+	gen_require(`
+		type snmpd_t, snmpd_var_lib_t;
+	')
+
+	files_search_var_lib($1)
+	stream_connect_pattern($1, snmpd_var_lib_t, snmpd_var_lib_t, snmpd_t)
+')