From 0126cb1e666c68afd788ed57c90c94a7bee6baf6 Mon Sep 17 00:00:00 2001
From: Kenton Groombridge <concord@gentoo.org>
Date: Thu, 27 Jun 2024 14:22:19 -0400
Subject: [PATCH] node_exporter: allow reading RPC sysctls

For NFS mounts.

Signed-off-by: Kenton Groombridge <concord@gentoo.org>
---
 policy/modules/services/node_exporter.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/services/node_exporter.te b/policy/modules/services/node_exporter.te
index 68af70eab..2d5ed2978 100644
--- a/policy/modules/services/node_exporter.te
+++ b/policy/modules/services/node_exporter.te
@@ -59,6 +59,7 @@ kernel_read_fs_sysctls(node_exporter_t)
 kernel_read_kernel_sysctls(node_exporter_t)
 kernel_read_net_sysctls(node_exporter_t)
 kernel_read_network_state(node_exporter_t)
+kernel_read_rpc_sysctls(node_exporter_t)
 kernel_read_software_raid_state(node_exporter_t)
 kernel_read_system_state(node_exporter_t)