From: Dan Walsh <dwalsh@redhat.com>
Date: Wed, 21 Dec 2011 16:30:36 +0000 (+0000)
Subject: Puppetmaster needs to connect to ntop port,  Needs back port to RHEL6
X-Git-Tag: 000~8
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b016be7a2802f0b05d89f831e68056845af8d138;p=people%2Fstevee%2Fselinux-policy.git

Puppetmaster needs to connect to ntop port,  Needs back port to RHEL6
---

diff --git a/policy/modules/services/puppet.te b/policy/modules/services/puppet.te
index 39d23dcf..d70e9656 100644
--- a/policy/modules/services/puppet.te
+++ b/policy/modules/services/puppet.te
@@ -367,6 +367,7 @@ corenet_tcp_sendrecv_generic_node(puppetmaster_t)
 corenet_tcp_bind_generic_node(puppetmaster_t)
 corenet_tcp_bind_puppet_port(puppetmaster_t)
 corenet_sendrecv_puppet_server_packets(puppetmaster_t)
+corenet_tcp_connect_ntop_port(puppetmaster_t)
 
 # This needs investigation. Puppermasterd is confirmed to bind udp sockets to random high ports.
 corenet_udp_bind_generic_node(puppetmaster_t)