From 92d410105b0781cc577a8c85b5fc5db371fbd4aa Mon Sep 17 00:00:00 2001
From: Jeremy Cline <jeremy@jcline.org>
Date: Apr 01 2018 00:26:09 +0000
Subject: Add SELinux rules for PostgreSQL and MySQL connections


It's possible to use SQL databases like PostgreSQL and MySQL instead of
Mnesia for storage in ejabberd. This adds SELinux rules to connect to
those databases.

Signed-off-by: Jeremy Cline <jeremy@jcline.org>

---

diff --git a/ejabberd.te b/ejabberd.te
index fe70d58..56373ea 100644
--- a/ejabberd.te
+++ b/ejabberd.te
@@ -40,6 +40,10 @@ corenet_tcp_bind_prosody_port(ejabberd_t)
 corenet_tcp_connect_epmd_port(ejabberd_t)
 corenet_tcp_connect_generic_port(ejabberd_t)
 corenet_tcp_connect_jabber_interserver_port(ejabberd_t)
+corenet_tcp_connect_postgresql_port(ejabberd_t)
+postgresql_stream_connect(ejabberd_t)
+corenet_tcp_connect_mysqld_port(ejabberd_t)
+mysql_stream_connect(ejabberd_t)
 
 corenet_udp_bind_generic_node(ejabberd_t)