On Wed, 2012-09-19 at 15:07 -0400, Daniel J Walsh wrote: > > ## <desc> > ## <p> > +## Allow postgresql to use ssh and rsync to replicate databases > +## </p> > +## </desc> > +gen_tunable(postgesql_replication, false) typo in there we should probably implement a ssh_tcp_connect if it doesnt exists already and use that (that goes for all service ports) ######################################## ## <summary> ## Connect to ssh over the TCP network. ## </summary> ## <param name="domain"> ## <summary> ## Domain allowed access. ## </summary> ## </param> # interface(`ssh_tcp_connect',` gen_require(` type sshd_t; ') corenet_tcp_recvfrom_labeled($1, sshd_t) corenet_tcp_sendrecv_ssh_port($1) corenet_tcp_connect_ssh_port($1) corenet_sendrecv_ssh_client_packets($1) ') -- selinux mailing list selinux@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/selinux
