RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow ipsec to read kernel sysctl

This commit is contained in:
Miroslav Grepl 2012-09-12 13:29:28 +00:00 committed by Chris PeBenito
parent 99d1e6b9f1
commit 672f146fec
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
policy/modules/system/ipsec.te
View File

@ -113,6 +113,7 @@ allow ipsec_mgmt_t ipsec_t:unix_stream_socket { read write };
allow ipsec_mgmt_t ipsec_t:process { rlimitinh sigchld }; allow ipsec_mgmt_t ipsec_t:process { rlimitinh sigchld };
kernel_read_kernel_sysctls(ipsec_t) kernel_read_kernel_sysctls(ipsec_t)
kernel_read_net_sysctls(ipsec_t)
kernel_list_proc(ipsec_t) kernel_list_proc(ipsec_t)
kernel_read_proc_symlinks(ipsec_t) kernel_read_proc_symlinks(ipsec_t)
# allow pluto to access /proc/net/ipsec_eroute; # allow pluto to access /proc/net/ipsec_eroute;