RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chromium: watch etc dirs 

avc:  denied  { watch } for  pid=44464 comm="ThreadPoolForeg" path="/etc" dev="zfs" ino=1436 scontext=staff_u:staff_r:chromium_t:s0-s0:c0.c1023 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=0
Signed-off-by: Jason Zaman <jason@perfinion.com>
This commit is contained in:
Jason Zaman 2020-02-17 04:03:18 +08:00 committed by Chris PeBenito
parent adaea617cd
commit 509a639deb
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
policy/modules/apps/chromium.te
View File

@ -156,6 +156,7 @@ files_search_home(chromium_t)
files_read_usr_files(chromium_t) files_read_usr_files(chromium_t)
files_map_usr_files(chromium_t) files_map_usr_files(chromium_t)
files_read_etc_files(chromium_t) files_read_etc_files(chromium_t)
files_watch_etc_dirs(chromium_t)
# During find for /etc/whatever-release we get lots of output otherwise # During find for /etc/whatever-release we get lots of output otherwise
files_dontaudit_getattr_all_dirs(chromium_t) files_dontaudit_getattr_all_dirs(chromium_t)