add missing system_crond_t transition pieces
This commit is contained in:
Chris PeBenito
parent
98af6c7763
commit
f5d4efd756
|
|
@ -205,6 +205,10 @@ allow system_crond_t system_cron_spool_t:file { getattr read };
|
||||||
# transition, since crontabs are configuration files, not executables.
|
# transition, since crontabs are configuration files, not executables.
|
||||||
allow crond_t system_crond_t:process transition;
|
allow crond_t system_crond_t:process transition;
|
||||||
dontaudit crond_t system_crond_t:process { noatsecure siginh rlimitinh };
|
dontaudit crond_t system_crond_t:process { noatsecure siginh rlimitinh };
|
||||||
|
allow crond_t system_crond_t:fd use;
|
||||||
|
allow system_crond_t crond_t:fd use;
|
||||||
|
allow system_crond_t crond_t:fifo_file rw_file_perms;
|
||||||
|
allow system_crond_t crond_t:process sigchld;
|
||||||
|
|
||||||
# Write /var/lock/makewhatis.lock.
|
# Write /var/lock/makewhatis.lock.
|
||||||
allow system_crond_t system_crond_lock_t:file { create ioctl read getattr lock write setattr append link unlink rename };
|
allow system_crond_t system_crond_lock_t:file { create ioctl read getattr lock write setattr append link unlink rename };
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue