diff options
author | Alexander Miroshnichenko <alex@millerson.name> | 2019-01-30 16:21:58 +0300 |
---|---|---|
committer | Jason Zaman <jason@perfinion.com> | 2019-02-10 12:11:25 +0800 |
commit | 3c0924b50a0d475522b1c1ad5f0f1a511a718797 (patch) | |
tree | ca9465dfc5266469266dc5d67007ead20404ee3e | |
parent | various: Module version bump. (diff) | |
download | hardened-refpolicy-3c0924b50a0d475522b1c1ad5f0f1a511a718797.tar.gz hardened-refpolicy-3c0924b50a0d475522b1c1ad5f0f1a511a718797.tar.bz2 hardened-refpolicy-3c0924b50a0d475522b1c1ad5f0f1a511a718797.zip |
minor updates redis module to be able to start the app
Signed-off-by: Alexander Miroshnichenko <alex@millerson.name>
Signed-off-by: Jason Zaman <jason@perfinion.com>
-rw-r--r-- | policy/modules/services/redis.te | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/policy/modules/services/redis.te b/policy/modules/services/redis.te index afb5ba87..0878fb8f 100644 --- a/policy/modules/services/redis.te +++ b/policy/modules/services/redis.te @@ -29,7 +29,7 @@ files_config_file(redis_conf_t) # Local policy # -allow redis_t self:process { setrlimit signal_perms }; +allow redis_t self:process { setrlimit signal_perms getsched }; allow redis_t self:fifo_file rw_fifo_file_perms; allow redis_t self:unix_stream_socket create_stream_socket_perms; allow redis_t self:tcp_socket create_stream_socket_perms; @@ -41,6 +41,7 @@ manage_files_pattern(redis_t, redis_log_t, redis_log_t) manage_lnk_files_pattern(redis_t, redis_log_t, redis_log_t) logging_log_filetrans(redis_t, redis_log_t, dir) +files_search_var_lib(redis_t) manage_dirs_pattern(redis_t, redis_var_lib_t, redis_var_lib_t) manage_files_pattern(redis_t, redis_var_lib_t, redis_var_lib_t) manage_lnk_files_pattern(redis_t, redis_var_lib_t, redis_var_lib_t) |