diff options
| author |   Miroslav Grepl <mgrepl@redhat.com> | 2011-07-19 09:32:07 +0000 |
|---|---|---|
| committer |   Sven Vermeulen <swift@gentoo.org> | 2018-03-25 11:33:46 +0200 |
| commit | a71a8bae341b8d4eb53edc5ad5d070754320a4fc (patch) | |
| tree | 76077a9b0d3b7cbb41a78d04d219dcd5bf2d0c12 | |
| parent | another trivial dbus patch from Russell Coker. (diff) | |
| download | hardened-refpolicy-a71a8bae341b8d4eb53edc5ad5d070754320a4fc.tar.gz hardened-refpolicy-a71a8bae341b8d4eb53edc5ad5d070754320a4fc.tar.bz2 hardened-refpolicy-a71a8bae341b8d4eb53edc5ad5d070754320a4fc.zip | |
xtables-multi wants to getattr of the proc fs
| -rw-r--r-- | policy/modules/system/iptables.te | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/system/iptables.te b/policy/modules/system/iptables.te index 03abcd6c..50328250 100644 --- a/policy/modules/system/iptables.te +++ b/policy/modules/system/iptables.te @@ -53,6 +53,7 @@ allow iptables_t iptables_tmp_t:dir manage_dir_perms; allow iptables_t iptables_tmp_t:file manage_file_perms; files_tmp_filetrans(iptables_t, iptables_tmp_t, { file dir }) +kernel_getattr_proc(iptables_t) kernel_request_load_module(iptables_t) kernel_read_system_state(iptables_t) kernel_read_network_state(iptables_t) |