Merge pull request #153 from fishilico/virt-leaseshelper
Signed-off-by: Chris PeBenito <pebenito@ieee.org>
This commit is contained in:
commit
fae8a1f4f2
|
@ -1305,6 +1305,8 @@ userdom_use_user_ptys(virt_bridgehelper_t)
|
|||
# Leaseshelper local policy
|
||||
#
|
||||
|
||||
allow virt_leaseshelper_t self:process getsched;
|
||||
|
||||
allow virt_leaseshelper_t virtd_t:fd use;
|
||||
allow virt_leaseshelper_t virtd_t:fifo_file write_fifo_file_perms;
|
||||
|
||||
|
@ -1317,6 +1319,13 @@ files_pid_filetrans(virt_leaseshelper_t, virt_runtime_t, file)
|
|||
|
||||
kernel_dontaudit_read_system_state(virt_leaseshelper_t)
|
||||
|
||||
# Read /sys/devices/system/node/node*/meminfo
|
||||
dev_list_sysfs(virt_leaseshelper_t)
|
||||
dev_read_sysfs(virt_leaseshelper_t)
|
||||
|
||||
# Read /etc/libnl/classid
|
||||
files_read_etc_files(virt_leaseshelper_t)
|
||||
|
||||
########################################
|
||||
#
|
||||
# Virtlockd local policy
|
||||
|
|
Loading…
Reference in New Issue