f95131dadf
Signed-off-by: Kenton Groombridge <me@concord.sh>
17 lines
440 B
Plaintext
17 lines
440 B
Plaintext
(block virt_container
|
|
(blockabstract virt_container)
|
|
|
|
(optional virt_container_optional
|
|
(allow process var_t search_dir_perms)
|
|
(allow process var_t read_lnk_file_perms)
|
|
|
|
(allow process var_run_t search_dir_perms)
|
|
(allow process var_run_t read_lnk_file_perms)
|
|
|
|
(allow process virt_runtime_t search_dir_perms)
|
|
(allow process virt_runtime_t write_sock_file_perms)
|
|
|
|
(allow process virtd_t (unix_stream_socket (connectto)))
|
|
)
|
|
)
|