xtables-multi wants to getattr of the proc fs

This commit is contained in:
Miroslav Grepl 2011-07-19 09:32:07 +00:00 committed by Laurent Bigonville
parent 9c0d0e66ff
commit b0b4bc947c

View File

@ -53,6 +53,7 @@ allow iptables_t iptables_tmp_t:dir manage_dir_perms;
allow iptables_t iptables_tmp_t:file manage_file_perms;
files_tmp_filetrans(iptables_t, iptables_tmp_t, { file dir })
kernel_getattr_proc(iptables_t)
kernel_request_load_module(iptables_t)
kernel_read_system_state(iptables_t)
kernel_read_network_state(iptables_t)