init: allow initrc_t to create netlink_kobject_uevent_sockets
Needed by rdma-ndd, which is automatically started by udev when an RDMA device with a node description is present. Signed-off-by: Kenton Groombridge <me@concord.sh>
parent
5b0aa89da7
commit
edef7a8469
@ -705,6 +705,7 @@ allow initrc_t self:process { getcap getpgid setsched setpgid setrlimit getsched
|
||||
allow initrc_t self:capability { chown dac_override dac_read_search fowner fsetid kill setgid setuid setpcap linux_immutable net_bind_service net_broadcast net_admin net_raw ipc_lock ipc_owner sys_rawio sys_chroot sys_ptrace sys_pacct sys_boot sys_nice sys_resource sys_time sys_tty_config mknod lease audit_write audit_control setfcap };
|
||||
allow initrc_t self:capability2 { wake_alarm block_suspend };
|
||||
dontaudit initrc_t self:capability sys_module; # sysctl is triggering this
|
||||
allow initrc_t self:netlink_kobject_uevent_socket create_socket_perms; # needed by rdma-ndd
|
||||
allow initrc_t self:passwd rootok;
|
||||
allow initrc_t self:key manage_key_perms;
|
||||
|
||||
|
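Review bot: The added `allow initrc_t self:netlink_kobject_uevent_socket create_socket_perms;` rule gives uevent-socket access to everything that runs in initrc_t, not only to rdma-ndd, so every init script and any daemon left in that domain gains it as well. If rdma-ndd ends up in initrc_t only because it has no policy module of its own (the page does not show this), a dedicated domain for the daemon would keep the permission scoped to the one program that needs it. If the rule stays here, the trailing comment could record that reason, for example `# needed by rdma-ndd, which currently runs in initrc_t (no dedicated domain)`, so a later reader knows when the rule can be dropped.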