patch to allow the audit dispatcher to read the system state

This patch allows the audit dispatcher to read the system state.
2011-02-16 07:29:17 +01:00 · 2011-02-16 07:29:17 +01:00 · ff07d7d209
commit ff07d7d209
parent bdc7622e86
1 changed files with 2 additions and 0 deletions
--- a/policy/modules/system/logging.te
+++ b/policy/modules/system/logging.te
@ -226,6 +226,8 @@ allow audisp_t auditd_t:unix_stream_socket rw_socket_perms;
 manage_sock_files_pattern(audisp_t, audisp_var_run_t, audisp_var_run_t)
 files_pid_filetrans(audisp_t, audisp_var_run_t, sock_file)

+kernel_read_system_state(audisp_t)
+
 corecmd_exec_bin(audisp_t)
 corecmd_exec_shell(audisp_t)