systemd-rfkill.socket reads /dev/rfkill (with ListenSocket=) option.

Need to allow this to open the file so the service starts properly.

node=localhost type=AVC msg=audit(1689883855.890:419): avc:  denied  { open } for  pid=1 comm="systemd" path="/dev/rfkill" dev="devtmpfs" ino=152 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:wireless_device_t:s0 tclass=chr_file permissive=1
node=localhost type=AVC msg=audit(1689883962.317:408): avc:  denied  { read write } for  pid=1 comm="systemd" name="rfkill" dev="devtmpfs" ino=152 scontext=system_u:system_r:init_t:s0 tcontext=system_u:object_r:wireless_device_t:s0 tclass=chr_file permissive=0

Signed-off-by: Dave Sugar <dsugar100@gmail.com>
This commit is contained in:
Dave Sugar 2023-07-20 16:36:56 -04:00
parent 97e35d8845
commit e0970d55e6
1 changed files with 1 additions and 0 deletions

View File

@ -368,6 +368,7 @@ ifdef(`init_systemd',`
dev_write_urand(init_t)
dev_rw_lvm_control(init_t)
dev_rw_autofs(init_t)
dev_rw_wireless(init_t)
dev_manage_generic_symlinks(init_t)
dev_manage_generic_dirs(init_t)
dev_manage_null_service(initrc_t)