add missing pieces of crond_t -> $1_crond_t transition
This commit is contained in:
parent
0447352aec
commit
6d9915d615
@ -46,6 +46,10 @@ allow $1_crond_t $1_cron_spool_t:file entrypoint;
|
|||||||
# transition, since crontabs are configuration files, not executables.
|
# transition, since crontabs are configuration files, not executables.
|
||||||
allow crond_t $1_crond_t:process transition;
|
allow crond_t $1_crond_t:process transition;
|
||||||
dontaudit crond_t $1_crond_t:process { noatsecure siginh rlimitinh };
|
dontaudit crond_t $1_crond_t:process { noatsecure siginh rlimitinh };
|
||||||
|
allow crond_t $1_crond_t:fd use;
|
||||||
|
allow $1_crond_t crond_t:fd use;
|
||||||
|
allow $1_crond_t crond_t:fifo_file rw_file_perms;
|
||||||
|
allow $1_crond_t crond_t:process sigchld;
|
||||||
|
|
||||||
kernel_read_system_state($1_crond_t)
|
kernel_read_system_state($1_crond_t)
|
||||||
kernel_read_kernel_sysctl($1_crond_t)
|
kernel_read_kernel_sysctl($1_crond_t)
|
||||||
|
Loading…
Reference in New Issue
Block a user