Current File : //opt/imunify360/venv/share/imunify360/imunify360.te

module imunify360 1.1;

require {
	type lib_t;
	type logrotate_t;
	type sshd_t;
	type usr_t;
	type httpd_t;
	type httpd_sys_script_t;
	type var_t;
	type unconfined_service_t;
	class sock_file write;
	class unix_dgram_socket sendto;
	class dir { write add_name remove_name };
	class file { rename write getattr setattr read create open };
}

#============= httpd_sys_script_t ==============

allow httpd_sys_script_t lib_t:sock_file write;

#============= httpd_t ==============

allow httpd_t unconfined_service_t:unix_dgram_socket sendto;

#============= sshd_t ==============

allow sshd_t usr_t:sock_file write;

#============= logrotate_t ==============

allow logrotate_t var_t:dir { write remove_name add_name };
allow logrotate_t var_t:file { rename write getattr setattr read create open };