selinux-refpolicy

History

Nicolas Iooss 233e13cb44 systemd: allow systemd-modules-load.service to read sysfs systemd-modules-load.service needs to read file /sys/module/${MODULE}/initstate for each ${MODULE} defined in /etc/modules-load.d/. These files are labeled sysfs_t. This fixes: type=AVC msg=audit(1567804818.331:138713): avc: denied { read } for pid=31153 comm="systemd-modules" name="initstate" dev="sysfs" ino=14778 scontext=system_u:system_r:systemd_modules_load_t tcontext=system_u:object_r:sysfs_t tclass=file permissive=0 Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>		2019-09-06 23:28:40 +02:00
..
flask	Remove incorrect comment about capability2:mac_admin.	2019-03-11 20:49:42 -04:00
modules	systemd: allow systemd-modules-load.service to read sysfs	2019-09-06 23:28:40 +02:00
support	…
constraints	…
context_defaults	…
global_booleans	…
global_tunables	…
mcs	…
mls	Remove unused translate permission in context userspace class.	2018-10-13 13:39:18 -04:00
policy_capabilities	…
users	Apply direct_initrc to unconfined_r:unconfined_t	2014-01-16 15:27:18 -05:00