diff --git a/refpolicy/policy/modules/services/portmap.te b/refpolicy/policy/modules/services/portmap.te index 83b323a54..80e2b5ad6 100644 --- a/refpolicy/policy/modules/services/portmap.te +++ b/refpolicy/policy/modules/services/portmap.te @@ -183,6 +183,8 @@ corenet_dontaudit_tcp_bind_all_reserved_ports(portmap_helper_t) corenet_dontaudit_udp_bind_all_reserved_ports(portmap_helper_t) corenet_tcp_connect_all_ports(portmap_helper_t) +domain_dontaudit_use_wide_inherit_fd(portmap_helper_t) + files_read_etc_files(portmap_helper_t) files_rw_generic_pids(portmap_helper_t) diff --git a/refpolicy/policy/modules/system/logging.te b/refpolicy/policy/modules/system/logging.te index 4f56da951..57313e1d1 100644 --- a/refpolicy/policy/modules/system/logging.te +++ b/refpolicy/policy/modules/system/logging.te @@ -194,6 +194,8 @@ dev_read_raw_memory(klogd_t) fs_getattr_all_fs(klogd_t) +domain_use_wide_inherit_fd(klogd_t) + files_create_pid(klogd_t,klogd_var_run_t) files_read_etc_runtime_files(klogd_t) # read /etc/nsswitch.conf