diff --git a/Changelog b/Changelog index b03fb48..1631197 100644 --- a/Changelog +++ b/Changelog @@ -22,6 +22,7 @@ rtkit (Dan Walsh) seunshare (Dan Walsh) shorewall (Dan Walsh) + tgtd (Matthew Ife) tuned (Miroslav Grepl) xscreensaver (Corentin Labbe) diff --git a/policy/modules/services/tgtd.fc b/policy/modules/services/tgtd.fc index 5812689..8294f6f 100644 --- a/policy/modules/services/tgtd.fc +++ b/policy/modules/services/tgtd.fc @@ -1,3 +1,3 @@ -/etc/rc\.d/init\.d/tgtd -- gen_context(system_u:object_r:tgtd_initrc_exec_t, s0) -/usr/sbin/tgtd -- gen_context(system_u:object_r:tgtd_exec_t, s0) -/var/lib/tgtd(/.*)? gen_context(system_u:object_r:tgtd_var_lib_t, s0) +/etc/rc\.d/init\.d/tgtd -- gen_context(system_u:object_r:tgtd_initrc_exec_t,s0) +/usr/sbin/tgtd -- gen_context(system_u:object_r:tgtd_exec_t,s0) +/var/lib/tgtd(/.*)? gen_context(system_u:object_r:tgtd_var_lib_t,s0) diff --git a/policy/modules/services/tgtd.if b/policy/modules/services/tgtd.if index d497936..2c0bc5c 100644 --- a/policy/modules/services/tgtd.if +++ b/policy/modules/services/tgtd.if @@ -1,11 +1,11 @@ ## Linux Target Framework Daemon. ## -##

-## Linux target framework (tgt) aims to simplify various -## SCSI target driver (iSCSI, Fibre Channel, SRP, etc) creation -## and maintenance. Our key goals are the clean integration into -## the scsi-mid layer and implementing a great portion of tgt +##

+## Linux target framework (tgt) aims to simplify various +## SCSI target driver (iSCSI, Fibre Channel, SRP, etc) creation +## and maintenance. Our key goals are the clean integration into +## the scsi-mid layer and implementing a great portion of tgt ## in user space. -##

+##

##
diff --git a/policy/modules/services/tgtd.te b/policy/modules/services/tgtd.te index ca91b84..e0e1d4b 100644 --- a/policy/modules/services/tgtd.te +++ b/policy/modules/services/tgtd.te @@ -1,3 +1,4 @@ + policy_module(tgtd, 1.0.0) ######################################## @@ -32,7 +33,7 @@ allow tgtd_t self:fifo_file rw_fifo_file_perms; allow tgtd_t self:netlink_route_socket { create_socket_perms nlmsg_read }; allow tgtd_t self:shm create_shm_perms; allow tgtd_t self:sem create_sem_perms; -allow tgtd_t self:tcp_socket { create_socket_perms accept listen }; +allow tgtd_t self:tcp_socket create_stream_socket_perms; allow tgtd_t self:udp_socket create_socket_perms; allow tgtd_t self:unix_dgram_socket create_socket_perms; @@ -46,25 +47,21 @@ manage_dirs_pattern(tgtd_t, tgtd_var_lib_t, tgtd_var_lib_t) manage_files_pattern(tgtd_t, tgtd_var_lib_t, tgtd_var_lib_t) files_var_lib_filetrans(tgtd_t, tgtd_var_lib_t, { dir file }) +kernel_read_fs_sysctls(tgtd_t) + corenet_all_recvfrom_netlabel(tgtd_t) corenet_all_recvfrom_unlabeled(tgtd_t) - corenet_sendrecv_iscsi_server_packets(tgtd_t) - corenet_tcp_bind_generic_node(tgtd_t) corenet_tcp_bind_iscsi_port(tgtd_t) - corenet_tcp_sendrecv_generic_if(tgtd_t) corenet_tcp_sendrecv_generic_node(tgtd_t) - corenet_tcp_sendrecv_iscsi_port(tgtd_t) files_read_etc_files(tgtd_t) -kernel_read_fs_sysctls(tgtd_t) +storage_getattr_fixed_disk_dev(tgtd_t) logging_send_syslog_msg(tgtd_t) miscfiles_read_localization(tgtd_t) - -storage_getattr_fixed_disk_dev(tgtd_t)
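Review bot: The `tcp_socket` rule in the `@@ -32,7 +33,7 @@` hunk replaces an explicit permission list with `create_stream_socket_perms`, and nothing visible on the page says whether the granted access is meant to stay the same. In refpolicy's `obj_perm_sets.spt` that macro is defined as `{ create_socket_perms listen accept }`, so the rule should be permission-neutral. Confirm this against the tree being patched, because a widening of a network-facing daemon's socket permissions is easy to miss in a cleanup commit. A one-line comment above the rule, such as `# iSCSI target: listening TCP stream socket`, would record why listen and accept are needed and make later least-privilege audits quicker. The block of `allow tgtd_t self:...` rules starts and ends outside the hunk.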