From 620beb87f382ec483b25f38332ec231e1dfc4fad Mon Sep 17 00:00:00 2001
From: Ralph Bean <rbean@redhat.com>
Date: Fri, 18 Jul 2014 20:09:15 +0000
Subject: [PATCH] Don't forget the unix_stream_socket.

---
 .../base/files/selinux/fi-collectd.mod        | Bin 1924 -> 2201 bytes
 .../base/files/selinux/fi-collectd.pp         | Bin 1940 -> 2217 bytes
 .../base/files/selinux/fi-collectd.te         |   5 ++++-
 3 files changed, 4 insertions(+), 1 deletion(-)

diff --git a/roles/collectd/base/files/selinux/fi-collectd.mod b/roles/collectd/base/files/selinux/fi-collectd.mod
index 9f77dcfb391c6ef0721cdbd9a35e471c45244871..ba2404df1d4e5200be796c2f998d3d43d04c6e54 100644
GIT binary patch
delta 366
zcmZqSpD8%OfzfQDqlh3Y0|NsHGXpUQuue?VWMr8*!Hrc2#GS0jB&<`Kmst^CTvC*p
zm>XZ5pPZdq!U>dO1mfiUyu8%pl9GHbkYXTU-guv%k(Uj~0%4FS^W=F<(v!uQ^cmSE
z7cj|lXXa&=#Fv0%*g!J;$@w`sKqFEhVys}*{Y>dV)%%&H85Jhmvq(?YW7c400qZ~(
z<C#2<S%#5y@@{5%xH_K6Oe`{!RhUF3pJV1h618KIU<Emtb+SAQM7239$jkC5w(v~e
z#}Y8vh*bh;BM+nf<om4VK=Ws_nuAQ6JdO1MkXO#8B?bx_%s`nul`R_R?2l|l93anw
KJUUsFJs$wcJyN0o

delta 230
zcmbO!*up=-fzfoLqX;hx0|NsHGXpWh<VGgpiKSAE%o8WLadLq~fPiVU6eB+)D=U!6
zI$4h?Xz~Rng~`X5_$Ie7$xQyhl+MUHS%F1*@^Kc4$?us3CeLP;VFek+h9s&3R4X!B
zpM?jmDw#zFY&9cLB^XcM!lFG{mWgNbe>MS5kO&hH%OjZ~FgcoyXL3KQ3nTyJ4XoCa
k`Pmd0Stc8>X-_U@djMpGuxm|T!0r!p%?Ea)$rc=m0IuRQvH$=8

diff --git a/roles/collectd/base/files/selinux/fi-collectd.pp b/roles/collectd/base/files/selinux/fi-collectd.pp
index 645bc0651d506155ff7a7a4dd59aa5f99d1927ad..33574ab37b8bbc42170423fad785508c42f048c0 100644
GIT binary patch
delta 366
zcmbQjzfy2Q0HfK&KoLP!1_lNYW(HyqV4YZ|$;dKsfg7t3h&$PkNm!>eFS8=PxTGjG
zF*m+AKRG+KgcB&m2*k<xd3mYHB_;V>AjLqyyzxChBQG0}1;QXv=E>`rq$jH}=`*rT
zZeWt<&dkd!i7x@kuz_Uwlk;<OfJUT1#8|<q=QE`PRi9^;W>lE$&muk9j#-111*`*E
zjA!yXW*J7-$)}m+;p%uM3$e&dHenK(e2<w2Nz{);f)(Uo*2(%T5Y^_aATP_K*updU
z9817tCsqldjXaF@li#zN1I=H}Y7R1O@-o&3KwdkWmKZ2#Fau@sQnqNIvl-cqI6$5U
Kd33TWdp-b~>QsXO

delta 228
zcmZ1}IE8;g0Hf)|KoMRR1_lNYW(H!0$rG7`C$>s4GEZFK#>oW|0RpDYT8#XRtgJvL
z>ts8opve!I6eeF|;+s5$NoEprIwR|30~YDY*I6Vc|7RAMyqZ~t6=W70lBf<)smNq|
z79O~&Vip;&&5S^mU_AK<i}qw)CZ5Us>;jx15hfs(M>0cTayA>!<oT>FjQo=iuv$-+
jXH#Hgne4!(J-M0f0g#o#t~GfByFVlABo3p=9vq1Pq`xym

diff --git a/roles/collectd/base/files/selinux/fi-collectd.te b/roles/collectd/base/files/selinux/fi-collectd.te
index b1ceef9244..14526f9e52 100644
--- a/roles/collectd/base/files/selinux/fi-collectd.te
+++ b/roles/collectd/base/files/selinux/fi-collectd.te
@@ -1,13 +1,15 @@
 
-module fi-collectd 1.5;
+module fi-collectd 1.6;
 
 require {
 	type var_run_t;
 	type bin_t;
 	type configfs_t;
+	type init_t;
 	type pstorefs_t;
 	type collectd_t;
 	class sock_file { read write getattr };
+	class unix_stream_socket connectto;
 	class capability { setuid dac_read_search sys_ptrace setgid dac_override };
 	class file { read execute execute_no_trans };
 	class dir getattr;
@@ -16,6 +18,7 @@ require {
 #============= collectd_t ==============
 allow collectd_t bin_t:file { execute execute_no_trans };
 allow collectd_t configfs_t:dir getattr;
+allow collectd_t init_t:unix_stream_socket connectto;
 allow collectd_t pstorefs_t:dir getattr;
 allow collectd_t self:capability { setuid dac_read_search sys_ptrace setgid dac_override };
 allow collectd_t var_run_t:sock_file { read write getattr };