add sysnetwork
This commit is contained in:
Chris PeBenito
parent
b303042477
commit
91a7ab6cb3
|
|
@ -186,6 +186,9 @@ allow initrc_t initrc_state_t:dir { create read getattr lock setattr ioctl unlin
|
|||
allow initrc_t initrc_state_t:file { create ioctl read getattr lock write setattr append link unlink rename };
|
||||
allow initrc_t initrc_state_t:lnk_file { create read getattr setattr unlink rename };
|
||||
|
||||
allow initrc_t self:tcp_socket { connect listen accept create ioctl read getattr write setattr append bind getopt setopt shutdown };
|
||||
allow initrc_t self:udp_socket { connect create ioctl read getattr write setattr append bind getopt setopt shutdown };
|
||||
|
||||
kernel_read_system_state(initrc_t)
|
||||
kernel_read_software_raid_state(initrc_t)
|
||||
kernel_read_network_state(initrc_t)
|
||||
|
|
@ -207,9 +210,6 @@ filesystem_unmount_all_filesystems(initrc_t)
|
|||
filesystem_remount_all_filesystems(initrc_t)
|
||||
filesystem_get_all_filesystems_attributes(initrc_t)
|
||||
|
||||
# can_network(initrc_t):
|
||||
allow initrc_t self:tcp_socket { connect listen accept create ioctl read getattr write setattr append bind getopt setopt shutdown };
|
||||
allow initrc_t self:udp_socket { connect create ioctl read getattr write setattr append bind getopt setopt shutdown };
|
||||
corenetwork_network_tcp_on_all_interfaces(initrc_t)
|
||||
corenetwork_network_raw_on_all_interfaces(initrc_t)
|
||||
corenetwork_network_udp_on_all_interfaces(initrc_t)
|
||||
|
|
@ -220,8 +220,6 @@ corenetwork_network_tcp_on_all_ports(initrc_t)
|
|||
corenetwork_network_udp_on_all_ports(initrc_t)
|
||||
corenetwork_bind_tcp_on_all_nodes(initrc_t)
|
||||
corenetwork_bind_udp_on_all_nodes(initrc_t)
|
||||
#allow initrc_t net_conf_t:file r_file_perms;
|
||||
#sysnetwork_read_network_config(initrc_t)
|
||||
|
||||
domain_kill_all_domains(initrc_t)
|
||||
domain_read_all_domains_process_state(initrc_t)
|
||||
|
|
@ -270,6 +268,8 @@ logging_send_system_log_message(initrc_t)
|
|||
selinux_read_config(initrc_t)
|
||||
selinux_read_default_contexts(run_init_t)
|
||||
|
||||
sysnetwork_read_network_config(initrc_t)
|
||||
|
||||
modutils_read_kernel_module_loading_config(initrc_t)
|
||||
|
||||
authlogin_modify_login_records(initrc_t)
|
||||
|
|
|
|||
|
|
@ -116,6 +116,8 @@ file_type_auto_trans(syslogd_t, var_lib_t, devlog_t, sock_file)
|
|||
libraries_use_dynamic_loader(syslogd_t)
|
||||
libraries_read_shared_libraries(syslogd_t)
|
||||
|
||||
sysnetwork_read_network_config(syslogd_t)
|
||||
|
||||
miscfiles_read_localization(syslogd_t)
|
||||
|
||||
#
|
||||
|
|
|
|||
Loading…
Reference in New Issue