xtables-multi wants to getattr of the proc fs

2011-07-19 09:32:07 +00:00 · 2011-07-19 09:32:07 +00:00 · b0b4bc947c
parent 9c0d0e66ff
commit b0b4bc947c
1 changed files with 1 additions and 0 deletions
--- a/policy/modules/system/iptables.te
+++ b/policy/modules/system/iptables.te
@ -53,6 +53,7 @@ allow iptables_t iptables_tmp_t:dir manage_dir_perms;
 allow iptables_t iptables_tmp_t:file manage_file_perms;
 files_tmp_filetrans(iptables_t, iptables_tmp_t, { file dir })

+kernel_getattr_proc(iptables_t)
 kernel_request_load_module(iptables_t)
 kernel_read_system_state(iptables_t)
 kernel_read_network_state(iptables_t)