From 449d2069ac5ebe7525ac4896a8a6441031ccd76a Mon Sep 17 00:00:00 2001 From: Chris PeBenito Date: Mon, 22 Mar 2010 11:08:31 -0400 Subject: [PATCH] Snmp patch from Dan Walsh. --- policy/modules/services/snmp.te | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/policy/modules/services/snmp.te b/policy/modules/services/snmp.te index 7a805f0f..a9a4da7d 100644 --- a/policy/modules/services/snmp.te +++ b/policy/modules/services/snmp.te @@ -1,5 +1,5 @@ -policy_module(snmp, 1.10.1) +policy_module(snmp, 1.10.2) ######################################## # @@ -25,7 +25,7 @@ files_type(snmpd_var_lib_t) # # Local policy # -allow snmpd_t self:capability { dac_override kill ipc_lock sys_ptrace net_admin sys_nice sys_tty_config }; +allow snmpd_t self:capability { chown dac_override kill ipc_lock sys_ptrace net_admin sys_nice sys_tty_config }; dontaudit snmpd_t self:capability { sys_module sys_tty_config }; allow snmpd_t self:process { signal_perms getsched setsched }; allow snmpd_t self:fifo_file rw_fifo_file_perms;