Minor sosreport cleanup.
This commit is contained in:
parent
698289ff36
commit
a0a4752856
|
@ -25,12 +25,12 @@ interface(`sosreport_domtrans',`
|
||||||
## </summary>
|
## </summary>
|
||||||
## <param name="domain">
|
## <param name="domain">
|
||||||
## <summary>
|
## <summary>
|
||||||
## Domain allowed access
|
## Domain allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
## <param name="role">
|
## <param name="role">
|
||||||
## <summary>
|
## <summary>
|
||||||
## The role to be allowed the sosreport domain.
|
## Role allowed access.
|
||||||
## </summary>
|
## </summary>
|
||||||
## </param>
|
## </param>
|
||||||
#
|
#
|
||||||
|
|
|
@ -23,7 +23,6 @@ files_tmpfs_file(sosreport_tmpfs_t)
|
||||||
|
|
||||||
allow sosreport_t self:capability { kill net_admin net_raw setuid sys_admin sys_nice sys_ptrace dac_override };
|
allow sosreport_t self:capability { kill net_admin net_raw setuid sys_admin sys_nice sys_ptrace dac_override };
|
||||||
allow sosreport_t self:process { setsched signull };
|
allow sosreport_t self:process { setsched signull };
|
||||||
|
|
||||||
allow sosreport_t self:fifo_file rw_fifo_file_perms;
|
allow sosreport_t self:fifo_file rw_fifo_file_perms;
|
||||||
allow sosreport_t self:tcp_socket create_stream_socket_perms;
|
allow sosreport_t self:tcp_socket create_stream_socket_perms;
|
||||||
allow sosreport_t self:udp_socket create_socket_perms;
|
allow sosreport_t self:udp_socket create_socket_perms;
|
||||||
|
@ -50,7 +49,6 @@ corecmd_exec_all_executables(sosreport_t)
|
||||||
dev_getattr_all_chr_files(sosreport_t)
|
dev_getattr_all_chr_files(sosreport_t)
|
||||||
dev_getattr_all_blk_files(sosreport_t)
|
dev_getattr_all_blk_files(sosreport_t)
|
||||||
dev_getattr_mtrr_dev(sosreport_t)
|
dev_getattr_mtrr_dev(sosreport_t)
|
||||||
|
|
||||||
dev_read_rand(sosreport_t)
|
dev_read_rand(sosreport_t)
|
||||||
dev_read_urand(sosreport_t)
|
dev_read_urand(sosreport_t)
|
||||||
dev_read_raw_memory(sosreport_t)
|
dev_read_raw_memory(sosreport_t)
|
||||||
|
@ -62,10 +60,6 @@ domain_getattr_all_sockets(sosreport_t)
|
||||||
domain_getattr_all_pipes(sosreport_t)
|
domain_getattr_all_pipes(sosreport_t)
|
||||||
domain_signull_all_domains(sosreport_t)
|
domain_signull_all_domains(sosreport_t)
|
||||||
|
|
||||||
# for blkid.tab
|
|
||||||
files_manage_etc_runtime_files(sosreport_t)
|
|
||||||
files_etc_filetrans_etc_runtime(sosreport_t, file)
|
|
||||||
|
|
||||||
files_getattr_all_sockets(sosreport_t)
|
files_getattr_all_sockets(sosreport_t)
|
||||||
files_exec_etc_files(sosreport_t)
|
files_exec_etc_files(sosreport_t)
|
||||||
files_list_all(sosreport_t)
|
files_list_all(sosreport_t)
|
||||||
|
@ -77,6 +71,9 @@ files_read_var_lib_files(sosreport_t)
|
||||||
files_read_var_symlinks(sosreport_t)
|
files_read_var_symlinks(sosreport_t)
|
||||||
files_read_kernel_modules(sosreport_t)
|
files_read_kernel_modules(sosreport_t)
|
||||||
files_read_all_symlinks(sosreport_t)
|
files_read_all_symlinks(sosreport_t)
|
||||||
|
# for blkid.tab
|
||||||
|
files_manage_etc_runtime_files(sosreport_t)
|
||||||
|
files_etc_filetrans_etc_runtime(sosreport_t, file)
|
||||||
|
|
||||||
fs_getattr_all_fs(sosreport_t)
|
fs_getattr_all_fs(sosreport_t)
|
||||||
fs_list_inotifyfs(sosreport_t)
|
fs_list_inotifyfs(sosreport_t)
|
||||||
|
|
Loading…
Reference in New Issue