Add new interface fs_rmw_hugetlbfs_files.
Add new interface fs_rmw_hugetlbfs_files and grant it to postgresql_t.
This commit is contained in:
Alexander Miroshnichenko
parent
a7f2394902
commit
cff5e0026c
|
|
@ -2340,6 +2340,25 @@ interface(`fs_rw_hugetlbfs_files',`
|
||||||
rw_files_pattern($1, hugetlbfs_t, hugetlbfs_t)
|
rw_files_pattern($1, hugetlbfs_t, hugetlbfs_t)
|
||||||
')
|
')
|
||||||
|
|
||||||
|
########################################
|
||||||
|
## <summary>
|
||||||
|
## Read, map and write hugetlbfs files.
|
||||||
|
## </summary>
|
||||||
|
## <param name="domain">
|
||||||
|
## <summary>
|
||||||
|
## Domain allowed access.
|
||||||
|
## </summary>
|
||||||
|
## </param>
|
||||||
|
#
|
||||||
|
interface(`fs_rmw_hugetlbfs_files',`
|
||||||
|
gen_require(`
|
||||||
|
type hugetlbfs_t;
|
||||||
|
')
|
||||||
|
|
||||||
|
fs_rw_hugetlbfs_files($1)
|
||||||
|
allow $1 hugetlbfs_t:file map;
|
||||||
|
')
|
||||||
|
|
||||||
########################################
|
########################################
|
||||||
## <summary>
|
## <summary>
|
||||||
## Allow the type to associate to hugetlbfs filesystems.
|
## Allow the type to associate to hugetlbfs filesystems.
|
||||||
|
|
|
||||||
|
|
@ -330,7 +330,7 @@ dev_read_urand(postgresql_t)
|
||||||
|
|
||||||
fs_getattr_all_fs(postgresql_t)
|
fs_getattr_all_fs(postgresql_t)
|
||||||
fs_search_auto_mountpoints(postgresql_t)
|
fs_search_auto_mountpoints(postgresql_t)
|
||||||
fs_rw_hugetlbfs_files(postgresql_t)
|
fs_rmw_hugetlbfs_files(postgresql_t)
|
||||||
|
|
||||||
selinux_get_enforce_mode(postgresql_t)
|
selinux_get_enforce_mode(postgresql_t)
|
||||||
selinux_validate_context(postgresql_t)
|
selinux_validate_context(postgresql_t)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue