RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

udev.service sandbox required permissions 

Signed-off-by: bauen1 <j2468h@gmail.com>
This commit is contained in:
bauen1 2020-05-16 22:45:36 +02:00
parent 0a596401f1
commit 83a39ad4fd
No known key found for this signature in database
GPG Key ID: FF0AAF5E0812BA9C
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
policy/modules/kernel/kernel.te
View File

@ -136,6 +136,10 @@ genfscon proc /sys/fs gen_context(system_u:object_r:sysctl_fs_t,s0)
type sysctl_kernel_t, sysctl_type; type sysctl_kernel_t, sysctl_type;
genfscon proc /sys/kernel gen_context(system_u:object_r:sysctl_kernel_t,s0) genfscon proc /sys/kernel gen_context(system_u:object_r:sysctl_kernel_t,s0)
optional_policy(`
init_mountpoint(sysctl_kernel_t)
')
# /sys/kernel/ns_last_pid file # /sys/kernel/ns_last_pid file
type sysctl_kernel_ns_last_pid_t, sysctl_type; type sysctl_kernel_ns_last_pid_t, sysctl_type;
genfscon proc /sys/kernel/ns_last_pid gen_context(system_u:object_r:sysctl_kernel_ns_last_pid_t,s0) genfscon proc /sys/kernel/ns_last_pid gen_context(system_u:object_r:sysctl_kernel_ns_last_pid_t,s0)