Douglas Schilling Landgraf has uploaded a new change for review. Change subject: semodule: avoid NetworkManager AVCs ......................................................................
semodule: avoid NetworkManager AVCs This patch improves the rules for selinux to avoid AVCs in NetworkManager. Change-Id: I1c0ab7840e03426298397b83f4e38a3a336a5c32 Signed-off-by: Douglas Schilling Landgraf <[email protected]> --- M semodule/ovirt.te.in 1 file changed, 2 insertions(+), 1 deletion(-) git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/53/44453/1 diff --git a/semodule/ovirt.te.in b/semodule/ovirt.te.in index e4971cb..f47c8c6 100644 --- a/semodule/ovirt.te.in +++ b/semodule/ovirt.te.in @@ -552,7 +552,8 @@ require { type NetworkManager_t; } - allow NetworkManager_t tmpfs_t:dir { read }; + allow NetworkManager_t tmpfs_t:dir { read write add_name remove_name }; + allow NetworkManager_t tmpfs_t:file { read write getattr open create rename unlink }; ') -- To view, visit https://gerrit.ovirt.org/44453 To unsubscribe, visit https://gerrit.ovirt.org/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I1c0ab7840e03426298397b83f4e38a3a336a5c32 Gerrit-PatchSet: 1 Gerrit-Project: ovirt-node Gerrit-Branch: master Gerrit-Owner: Douglas Schilling Landgraf <[email protected]> _______________________________________________ node-patches mailing list [email protected] http://lists.ovirt.org/mailman/listinfo/node-patches
