commit: e10b85ea541851d59eab478d384cf99bff3f0965
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Tue Jan 20 14:30:07 2015 +0000
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org>
CommitDate: Sun Jan 25 13:45:20 2015 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=e10b85ea
networkmanager: v1.0.0 needs new socket permissions
---
policy/modules/contrib/networkmanager.te | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/policy/modules/contrib/networkmanager.te
b/policy/modules/contrib/networkmanager.te
index a0dc708..d8dcaee 100644
--- a/policy/modules/contrib/networkmanager.te
+++ b/policy/modules/contrib/networkmanager.te
@@ -371,6 +371,12 @@ ifdef(`distro_gentoo',`
#
# NetworkManager_t policy
#
+ allow NetworkManager_t self:rawip_socket create_socket_perms;
+ allow NetworkManager_t self:unix_stream_socket connectto;
+
+ # listing /etc/NetworkManager/dispatch.d/
+ list_dirs_pattern(NetworkManager_t, NetworkManager_initrc_exec_t,
NetworkManager_initrc_exec_t)
+ read_files_pattern(NetworkManager_t, NetworkManager_initrc_exec_t,
NetworkManager_initrc_exec_t)
optional_policy(`
resolvconf_client_domain(NetworkManager_t)
