diff --git a/refpolicy/policy/modules/kernel/bootloader.te b/refpolicy/policy/modules/kernel/bootloader.te index 4b17b7805..84eefe8a9 100644 --- a/refpolicy/policy/modules/kernel/bootloader.te +++ b/refpolicy/policy/modules/kernel/bootloader.te @@ -111,17 +111,13 @@ fs_getattr_xattr_fs(bootloader_t) term_getattr_all_user_ttys(bootloader_t) -init_getattr_initctl(bootloader_t) -init_use_script_pty(bootloader_t) -init_use_script_fd(bootloader_t) -init_rw_script_pipe(bootloader_t) +corecmd_exec_bin(bootloader_t) +corecmd_exec_sbin(bootloader_t) +corecmd_exec_shell(bootloader_t) +domain_exec_all_entry_files(bootloader_t) domain_use_wide_inherit_fd(bootloader_t) -libs_use_ld_so(bootloader_t) -libs_use_shared_libs(bootloader_t) -libs_read_lib(bootloader_t) - files_read_etc_files(bootloader_t) files_read_etc_runtime_files(bootloader_t) files_read_usr_src_files(bootloader_t) @@ -130,9 +126,14 @@ files_read_var_files(bootloader_t) # for nscd files_dontaudit_search_pids(bootloader_t) -corecmd_exec_bin(bootloader_t) -corecmd_exec_sbin(bootloader_t) -corecmd_exec_shell(bootloader_t) +init_getattr_initctl(bootloader_t) +init_use_script_pty(bootloader_t) +init_use_script_fd(bootloader_t) +init_rw_script_pipe(bootloader_t) + +libs_use_ld_so(bootloader_t) +libs_use_shared_libs(bootloader_t) +libs_read_lib(bootloader_t) logging_send_syslog_msg(bootloader_t) logging_rw_generic_logs(bootloader_t)