233e13cb44
systemd-modules-load.service needs to read file
/sys/module/${MODULE}/initstate for each ${MODULE} defined in
/etc/modules-load.d/. These files are labeled sysfs_t.
This fixes:
type=AVC msg=audit(1567804818.331:138713): avc: denied { read }
for pid=31153 comm="systemd-modules" name="initstate" dev="sysfs"
ino=14778 scontext=system_u:system_r:systemd_modules_load_t
tcontext=system_u:object_r:sysfs_t tclass=file permissive=0
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
|
||
|---|---|---|
| .. | ||
| admin | ||
| apps | ||
| kernel | ||
| roles | ||
| services | ||
| system | ||