logging: various fixes for auditctl
Allow auditctl to read /proc/filesystems and connect to systemd-userdb. Signed-off-by: Kenton Groombridge <me@concord.sh>
This commit is contained in:
parent
1b15d31a1d
commit
80cbe18d72
|
@ -121,6 +121,7 @@ files_read_etc_files(auditctl_t)
|
|||
kernel_dontaudit_getattr_proc(auditctl_t)
|
||||
kernel_read_kernel_sysctls(auditctl_t)
|
||||
kernel_read_proc_symlinks(auditctl_t)
|
||||
kernel_read_system_state(auditctl_t)
|
||||
kernel_setsched(auditctl_t)
|
||||
|
||||
domain_read_all_domains_state(auditctl_t)
|
||||
|
@ -139,6 +140,8 @@ miscfiles_read_localization(auditctl_t)
|
|||
|
||||
ifdef(`init_systemd',`
|
||||
init_rw_stream_sockets(auditctl_t)
|
||||
|
||||
systemd_stream_connect_userdb(auditctl_t)
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
|
|
Loading…
Reference in New Issue