rpms/frr
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Resolves: #2216911 - Adding missing sys_admin SELinux call

Browse Source
This commit is contained in:
Michal Ruprich 2023-08-23 13:40:51 +02:00
parent b33a840a2c
commit 49a02a9374
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
frr.spec
View File

@ -7,7 +7,7 @@
Name: frr
Version: 7.5.1
Release: 11%{?checkout}%{?dist}
Release: 12%{?checkout}%{?dist}
Summary: Routing daemon
License: GPLv2+
URL: http://www.frrouting.org
@ -274,6 +274,9 @@ make check PYTHON=%{__python3}
%endif
%changelog
* Wed Aug 23 2023 Michal Ruprich <mruprich@redhat.com> - 7.5.1-12
- Resolves: #2216911 - Adding missing sys_admin SELinux call
* Mon Aug 21 2023 Michal Ruprich <mruprich@redhat.com> - 7.5.1-11
- Related: #2216911 - Adding unconfined_t type to access namespaces

2
frr.te
View File

@ -31,7 +31,7 @@ files_pid_file(frr_var_run_t)
#
# frr local policy
#
allow frr_t self:capability { fowner fsetid chown dac_override dac_read_search kill net_bind_service net_raw setgid setuid net_admin };
allow frr_t self:capability { fowner fsetid chown dac_override dac_read_search kill net_bind_service net_raw setgid setuid net_admin sys_admin };
allow frr_t self:netlink_route_socket rw_netlink_socket_perms;
allow frr_t self:packet_socket create;
allow frr_t self:process { setcap setpgid };