Adding SELinux rule to enable zebra to write to sysctl_net_t
Adding SELinux rule to enable bgpd to call name_connect to bgp_port_t
This commit is contained in:
parent
41a038e1d1
commit
3905b5274d
6
frr.spec
6
frr.spec
@ -7,7 +7,7 @@
|
||||
|
||||
Name: frr
|
||||
Version: 8.3.1
|
||||
Release: 4%{?dist}
|
||||
Release: 5%{?dist}
|
||||
Summary: Routing daemon
|
||||
License: GPLv2+
|
||||
URL: http://www.frrouting.org
|
||||
@ -264,6 +264,10 @@ rm tests/lib/*grpc*
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Fri Sep 16 2022 Michal Ruprich <mruprich@redhat.com> - 8.3.1-5
|
||||
- Adding SELinux rule to enable zebra to write to sysctl_net_t
|
||||
- Adding SELinux rule to enable bgpd to call name_connect to bgp_port_t
|
||||
|
||||
* Fri Sep 09 2022 Michal Ruprich <mruprich@redhat.com> - 8.3.1-4
|
||||
- Fixing an error in post scriptlet
|
||||
|
||||
|
3
frr.te
3
frr.te
@ -68,7 +68,7 @@ allow frr_t frr_exec_t:dir search_dir_perms;
|
||||
can_exec(frr_t, frr_exec_t)
|
||||
|
||||
kernel_read_network_state(frr_t)
|
||||
kernel_read_net_sysctls(frr_t)
|
||||
kernel_rw_net_sysctls(frr_t)
|
||||
kernel_read_system_state(frr_t)
|
||||
|
||||
auth_use_nsswitch(frr_t)
|
||||
@ -80,6 +80,7 @@ corenet_udp_bind_bfd_control_port(frr_t)
|
||||
corenet_udp_bind_bfd_echo_port(frr_t)
|
||||
corenet_udp_bind_bfd_multi_port(frr_t)
|
||||
corenet_tcp_bind_bgp_port(frr_t)
|
||||
corenet_tcp_connect_bgp_port(frr_t)
|
||||
corenet_tcp_bind_cmadmin_port(frr_t)
|
||||
corenet_udp_bind_cmadmin_port(frr_t)
|
||||
corenet_tcp_bind_firepower_port(frr_t)
|
||||
|
Loading…
Reference in New Issue
Block a user