From ff83d75138a04786eb763ccdb444102216bfa2aa Mon Sep 17 00:00:00 2001
From: Zack Cerza <zack@redhat.com>
Date: Mon, 24 Jul 2017 16:09:02 -0700
Subject: [PATCH] Update SELinux policy

The collectors need to be able to determine whether an OSD uses
filestore or bluestore

Signed-off-by: Zack Cerza <zack@redhat.com>
---
 selinux/cephmetrics.te | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/selinux/cephmetrics.te b/selinux/cephmetrics.te
index f0e7add..9e95937 100644
--- a/selinux/cephmetrics.te
+++ b/selinux/cephmetrics.te
@@ -5,6 +5,7 @@ require {
 	type ceph_t;
 	type ceph_var_run_t;
 	type ceph_var_lib_t;
+	type fixed_disk_device_t;
 	class unix_stream_socket connectto;
 	class dir read;
 	class file getattr;
@@ -17,6 +18,9 @@ require {
 allow collectd_t ceph_t:unix_stream_socket connectto;
 allow collectd_t ceph_var_run_t:dir read;
 allow collectd_t ceph_var_lib_t:file getattr;
+allow collectd_t ceph_var_lib_t:lnk_file getattr;
+allow collectd_t ceph_var_lib_t:lnk_file read;
+allow collectd_t fixed_disk_device_t:blk_file getattr;
 allow collectd_t self:capability2 block_suspend;
 allow collectd_t var_log_t:dir { add_name write };
 allow collectd_t var_log_t:file create;
-- 
2.47.3