Don't use admin_pattern macro in SELinux policy.

The admin_pattern macro is not available on RHEL5, so we shouldn't attempt to use it. Aside from that, we don't need all of the permission that admin_pattern grants. We should just use the manage_files_pattern macro instead.
author: Nathan Kinder <nkinder@redhat.com> 2009-09-17 15:03:28 -0700
committer: Nathan Kinder <nkinder@redhat.com> 2009-09-17 15:03:28 -0700
commit: 2de80f5fb3398045dc7a25f5d25dfd7dd30c8909 (patch)
tree: 88b046e8336afbe0a96cb0f7554cfe03d0f0df35 /selinux
parent: 8af8dffe2416290b8777dcda3450d1e76ca8657c (diff)
download: ds-2de80f5fb3398045dc7a25f5d25dfd7dd30c8909.tar.gz
ds-2de80f5fb3398045dc7a25f5d25dfd7dd30c8909.tar.xz
ds-2de80f5fb3398045dc7a25f5d25dfd7dd30c8909.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/selinux/dirsrv.te b/selinux/dirsrv.te
index b505c89a..b40459b9 100644
--- a/selinux/dirsrv.te
+++ b/selinux/dirsrv.te
@@ -199,7 +199,7 @@ allow dirsrv_snmp_t self:capability { dac_override dac_read_search };
 read_files_pattern(dirsrv_snmp_t, dirsrv_config_t, dirsrv_config_t)
 
 # pid file
-admin_pattern(dirsrv_snmp_t, dirsrv_snmp_var_run_t)
+manage_files_pattern(dirsrv_snmp_t, dirsrv_snmp_var_run_t, dirsrv_snmp_var_run_t)
 files_pid_filetrans(dirsrv_snmp_t, dirsrv_snmp_var_run_t, { file sock_file })
 search_dirs_pattern(dirsrv_snmp_t, dirsrv_var_run_t, dirsrv_var_run_t)
author	Nathan Kinder <nkinder@redhat.com>	2009-09-17 15:03:28 -0700
committer	Nathan Kinder <nkinder@redhat.com>	2009-09-17 15:03:28 -0700
commit	2de80f5fb3398045dc7a25f5d25dfd7dd30c8909 (patch)
tree	88b046e8336afbe0a96cb0f7554cfe03d0f0df35 /selinux
parent	8af8dffe2416290b8777dcda3450d1e76ca8657c (diff)
download	ds-2de80f5fb3398045dc7a25f5d25dfd7dd30c8909.tar.gz ds-2de80f5fb3398045dc7a25f5d25dfd7dd30c8909.tar.xz ds-2de80f5fb3398045dc7a25f5d25dfd7dd30c8909.zip