RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow dhcpcd to use generic netlink and raw IP sockets 

dhcpcd uses a raw IPv6 socket to receive router advertisement and
neighbor advertisement packets in
https://roy.marples.name/git/dhcpcd.git/tree/ipv6nd.c?h=dhcpcd-6.11.5
and uses NETLINK_GENERIC in
https://roy.marples.name/git/dhcpcd.git/tree/if-linux.c?h=dhcpcd-6.11.5
for some NetLink sockets.
This commit is contained in:
Nicolas Iooss 2017-08-17 08:23:53 +02:00 committed by Chris PeBenito
parent 179e3217b0
commit 98170eaf55
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
policy/modules/system/sysnetwork.te
View File

@ -57,7 +57,9 @@ allow dhcpc_t self:fifo_file rw_fifo_file_perms;
allow dhcpc_t self:tcp_socket create_stream_socket_perms;
allow dhcpc_t self:udp_socket create_socket_perms;
allow dhcpc_t self:packet_socket create_socket_perms;
allow dhcpc_t self:netlink_generic_socket create_socket_perms;
allow dhcpc_t self:netlink_route_socket create_netlink_socket_perms;
allow dhcpc_t self:rawip_socket create_socket_perms;
allow dhcpc_t dhcp_etc_t:dir list_dir_perms;
read_lnk_files_pattern(dhcpc_t, dhcp_etc_t, dhcp_etc_t)