rpms/frr
5
0
Fork 0
Code Issues Pull Requests Releases Activity

Resolves: #2216911 - Adding missing sys_admin SELinux call

Browse Source
This commit is contained in:
Michal Ruprich 2023-08-23 13:40:51 +02:00
parent b33a840a2c
commit 49a02a9374
2 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
frr.spec
View File

@ -7,7 +7,7 @@
Name: frr Name: frr
Version: 7.5.1 Version: 7.5.1
Release: 11%{?checkout}%{?dist} Release: 12%{?checkout}%{?dist}
Summary: Routing daemon Summary: Routing daemon
License: GPLv2+ License: GPLv2+
URL: http://www.frrouting.org URL: http://www.frrouting.org
@ -274,6 +274,9 @@ make check PYTHON=%{__python3}
%endif %endif
%changelog %changelog
* Wed Aug 23 2023 Michal Ruprich <mruprich@redhat.com> - 7.5.1-12
- Resolves: #2216911 - Adding missing sys_admin SELinux call
* Mon Aug 21 2023 Michal Ruprich <mruprich@redhat.com> - 7.5.1-11 * Mon Aug 21 2023 Michal Ruprich <mruprich@redhat.com> - 7.5.1-11
- Related: #2216911 - Adding unconfined_t type to access namespaces - Related: #2216911 - Adding unconfined_t type to access namespaces

2
frr.te
View File

@ -31,7 +31,7 @@ files_pid_file(frr_var_run_t)
# #
# frr local policy # frr local policy
# #
allow frr_t self:capability { fowner fsetid chown dac_override dac_read_search kill net_bind_service net_raw setgid setuid net_admin }; allow frr_t self:capability { fowner fsetid chown dac_override dac_read_search kill net_bind_service net_raw setgid setuid net_admin sys_admin };
allow frr_t self:netlink_route_socket rw_netlink_socket_perms; allow frr_t self:netlink_route_socket rw_netlink_socket_perms;
allow frr_t self:packet_socket create; allow frr_t self:packet_socket create;
allow frr_t self:process { setcap setpgid }; allow frr_t self:process { setcap setpgid };