modutils: allow kmod_t to write keys
Fixes: $ modprobe cfg80211 kernel: cfg80211: Loading compiled-in X.509 certificates for regulatory database kernel: cfg80211: Problem loading in-kernel X.509 certificate (-13) kernel: cfg80211: loaded regulatory.db is malformed or signature is missing/invalid avc: denied { write } for pid=219 comm="modprobe" scontext=system_u:system_r:kmod_t tcontext=system_u:system_r:kmod_t tclass=key permissive=0 Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
This commit is contained in:
parent
23a8d103f3
commit
b7258b3d6d
|
@ -40,6 +40,7 @@ dontaudit kmod_t self:capability sys_admin;
|
|||
|
||||
allow kmod_t self:udp_socket create_socket_perms;
|
||||
allow kmod_t self:rawip_socket create_socket_perms;
|
||||
allow kmod_t self:key write;
|
||||
|
||||
# Read module config and dependency information
|
||||
list_dirs_pattern(kmod_t, modules_conf_t, modules_conf_t)
|
||||
|
|
Loading…
Reference in New Issue