Changes to the kernel policy module
Interface is needed by at least plymouth Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
This commit is contained in:
parent
0805dd800c
commit
07c2944493
|
@ -563,6 +563,25 @@ interface(`kernel_dontaudit_request_load_module',`
|
||||||
dontaudit $1 kernel_t:system module_request;
|
dontaudit $1 kernel_t:system module_request;
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Connect to kernel using a unix
|
||||||
|
## domain stream socket.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`kernel_stream_connect',`
|
||||||
|
gen_require(`
|
||||||
|
type kernel_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
allow $1 kernel_t:unix_stream_socket connectto;
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Get information on all System V IPC objects.
|
## Get information on all System V IPC objects.
|
||||||
|
|
Loading…
Reference in New Issue