RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

acpid: allow acpid to watch the directories in /dev 

Fixes:
acpid: inotify_add_watch() failed: Permission denied (13)

avc:  denied  { watch } for  pid=269 comm="acpid" path="/dev/input"
dev="devtmpfs" ino=35 scontext=system_u:system_r:acpid_t:s0-s15:c0.c1023
tcontext=system_u:object_r:device_t:s0 tclass=dir permissive=0

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
This commit is contained in:
Yi Zhao 2021-02-09 16:42:36 +08:00
parent 42c9eb9bcd
commit 0a1386e8ec
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
policy/modules/services/acpi.te
View File

@ -103,6 +103,7 @@ dev_read_realtime_clock(acpid_t)
dev_read_urand(acpid_t)
dev_rw_acpi_bios(acpid_t)
dev_rw_sysfs(acpid_t)
dev_watch_dev_dirs(acpid_t)
dev_dontaudit_getattr_all_chr_files(acpid_t)
dev_dontaudit_getattr_all_blk_files(acpid_t)