diff --git a/policy/modules/apps/mozilla.te b/policy/modules/apps/mozilla.te index 0a9a9212..7243acc0 100644 --- a/policy/modules/apps/mozilla.te +++ b/policy/modules/apps/mozilla.te @@ -304,6 +304,7 @@ allow mozilla_plugin_t self:fifo_file manage_fifo_file_perms; allow mozilla_plugin_t self:unix_stream_socket { connectto create_stream_socket_perms }; read_files_pattern(mozilla_plugin_t, mozilla_home_t, mozilla_home_t) +can_exec(mozilla_plugin_t, mozilla_home_t) manage_dirs_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t) manage_files_pattern(mozilla_plugin_t, mozilla_plugin_tmp_t, mozilla_plugin_tmp_t) diff --git a/policy/modules/services/rpc.te b/policy/modules/services/rpc.te index 9ae080e2..ea2c0f09 100644 --- a/policy/modules/services/rpc.te +++ b/policy/modules/services/rpc.te @@ -88,6 +88,7 @@ fs_read_rpc_files(rpcd_t) fs_read_rpc_symlinks(rpcd_t) fs_rw_rpc_sockets(rpcd_t) fs_get_all_fs_quotas(rpcd_t) +fs_set_xattr_fs_quotas(rpcd_t) fs_getattr_all_fs(rpcd_t) storage_getattr_fixed_disk_dev(rpcd_t)