fix cgroup_admin
When cgroup policy was merged, some changes were made. One of these changes was the renaming of the type for cgroup rules engine daemon configuration file. The cgroup_admin interface was not modified to reflect this change. Signed-off-by: Dominick Grift <domg472@gmail.com> Signed-off-by: Chris PeBenito <cpebenito@tresys.com>
This commit is contained in:
Dominick Grift
Chris PeBenito
parent
caf1666dc1
commit
7e5463b58c
|
|
@ -121,7 +121,7 @@ interface(`cgroup_admin',`
|
||||||
gen_require(`
|
gen_require(`
|
||||||
type cgred_t, cgconfig_t, cgred_var_run_t;
|
type cgred_t, cgconfig_t, cgred_var_run_t;
|
||||||
type cgconfig_etc_t, cgconfig_initrc_exec_t, cgred_initrc_exec_t;
|
type cgconfig_etc_t, cgconfig_initrc_exec_t, cgred_initrc_exec_t;
|
||||||
type cgred_etc_t;
|
type cgrules_etc_t;
|
||||||
')
|
')
|
||||||
|
|
||||||
allow $1 cgconfig_t:process { ptrace signal_perms getattr };
|
allow $1 cgconfig_t:process { ptrace signal_perms getattr };
|
||||||
|
|
@ -131,7 +131,7 @@ interface(`cgroup_admin',`
|
||||||
read_files_pattern($1, cgred_t, cgred_t)
|
read_files_pattern($1, cgred_t, cgred_t)
|
||||||
|
|
||||||
admin_pattern($1, cgconfig_etc_t)
|
admin_pattern($1, cgconfig_etc_t)
|
||||||
admin_pattern($1, cgred_etc_t)
|
admin_pattern($1, cgrules_etc_t)
|
||||||
files_search_etc($1)
|
files_search_etc($1)
|
||||||
|
|
||||||
admin_pattern($1, cgred_var_run_t)
|
admin_pattern($1, cgred_var_run_t)
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue