netutils: permission sets.
Signed-off-by: Dominick Grift <domg472@gmail.com>
This commit is contained in:
parent
696a65867a
commit
b306b5acaa
|
@ -35,8 +35,8 @@ init_system_domain(traceroute_t, traceroute_exec_t)
|
||||||
# Perform network administration operations and have raw access to the network.
|
# Perform network administration operations and have raw access to the network.
|
||||||
allow netutils_t self:capability { net_admin net_raw setuid setgid };
|
allow netutils_t self:capability { net_admin net_raw setuid setgid };
|
||||||
dontaudit netutils_t self:capability sys_tty_config;
|
dontaudit netutils_t self:capability sys_tty_config;
|
||||||
allow netutils_t self:process { sigkill sigstop signull signal };
|
allow netutils_t self:process signal_perms;
|
||||||
allow netutils_t self:netlink_route_socket { bind create getattr nlmsg_read nlmsg_write read write };
|
allow netutils_t self:netlink_route_socket create_netlink_socket_perms;
|
||||||
allow netutils_t self:packet_socket create_socket_perms;
|
allow netutils_t self:packet_socket create_socket_perms;
|
||||||
allow netutils_t self:udp_socket create_socket_perms;
|
allow netutils_t self:udp_socket create_socket_perms;
|
||||||
allow netutils_t self:tcp_socket create_stream_socket_perms;
|
allow netutils_t self:tcp_socket create_stream_socket_perms;
|
||||||
|
|
Loading…
Reference in New Issue