rpms
/
selinux-policy
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Fix ipsec typo

This commit is contained in:
Miroslav Grepl 2014-01-18 11:02:03 +01:00
parent 06cfcd1c01
commit 9e62d1d3a9
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
policy-rawhide-base.patch
View File

@ -30708,7 +30708,7 @@ index 0d4c8d3..e6ffda3 100644
+ ps_process_pattern($1, ipsec_mgmt_t)
+')
diff --git a/policy/modules/system/ipsec.te b/policy/modules/system/ipsec.te
index 312cd04..36ad32e 100644
index 312cd04..a97e8da 100644
--- a/policy/modules/system/ipsec.te
+++ b/policy/modules/system/ipsec.te
@@ -48,6 +48,9 @@ init_system_domain(ipsec_mgmt_t, ipsec_mgmt_exec_t)
@ -30728,9 +30728,9 @@ index 312cd04..36ad32e 100644
-allow ipsec_t self:capability { net_admin dac_override dac_read_search setpcap sys_nice };
-dontaudit ipsec_t self:capability { sys_ptrace sys_tty_config };
-allow ipsec_t self:process { getcap setcap getsched signal setsched };
+allow ipsec_t self:capability { net_admin dac_override dac_read_search setpcap sys_nice net_raw setuid setgid sigkill };
+allow ipsec_t self:capability { net_admin dac_override dac_read_search setpcap sys_nice net_raw setuid setgid };
+dontaudit ipsec_t self:capability sys_tty_config;
+allow ipsec_t self:process { getcap setcap getsched signal signull setsched };
+allow ipsec_t self:process { getcap setcap getsched signal signull setsched sigkill };
allow ipsec_t self:tcp_socket create_stream_socket_perms;
allow ipsec_t self:udp_socket create_socket_perms;
+allow ipsec_t self:packet_socket create_socket_perms;