RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

logging: Allow auditd to stat() dispatcher executables. 

Signed-off-by: Chris PeBenito <Christopher.PeBenito@microsoft.com>
This commit is contained in:
Chris PeBenito 2021-09-01 19:49:05 +00:00 committed by Chris PeBenito
parent e45d2fd1ef
commit 7e3b26e76c
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
policy/modules/system/logging.if
View File

@ -306,7 +306,7 @@ interface(`logging_signal_dispatcher',`
#
interface(`logging_dispatcher_domain',`
gen_require(`
type audisp_t;
type audisp_t, auditd_t;
role system_r;
')
@ -315,6 +315,8 @@ interface(`logging_dispatcher_domain',`
role system_r types $1;
allow auditd_t $2:file getattr;
domtrans_pattern(audisp_t, $2, $1)
allow audisp_t $1:process { sigkill sigstop signull signal };