From b016be7a2802f0b05d89f831e68056845af8d138 Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Wed, 21 Dec 2011 16:30:36 +0000 Subject: [PATCH] Puppetmaster needs to connect to ntop port, Needs back port to RHEL6 --- policy/modules/services/puppet.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/services/puppet.te b/policy/modules/services/puppet.te index 39d23dcf..d70e9656 100644 --- a/policy/modules/services/puppet.te +++ b/policy/modules/services/puppet.te @@ -367,6 +367,7 @@ corenet_tcp_sendrecv_generic_node(puppetmaster_t) corenet_tcp_bind_generic_node(puppetmaster_t) corenet_tcp_bind_puppet_port(puppetmaster_t) corenet_sendrecv_puppet_server_packets(puppetmaster_t) +corenet_tcp_connect_ntop_port(puppetmaster_t) # This needs investigation. Puppermasterd is confirmed to bind udp sockets to random high ports. corenet_udp_bind_generic_node(puppetmaster_t) -- 2.47.3