Fix ipsec typo
This commit is contained in:
parent
06cfcd1c01
commit
9e62d1d3a9
@ -30708,7 +30708,7 @@ index 0d4c8d3..e6ffda3 100644
|
|||||||
+ ps_process_pattern($1, ipsec_mgmt_t)
|
+ ps_process_pattern($1, ipsec_mgmt_t)
|
||||||
+')
|
+')
|
||||||
diff --git a/policy/modules/system/ipsec.te b/policy/modules/system/ipsec.te
|
diff --git a/policy/modules/system/ipsec.te b/policy/modules/system/ipsec.te
|
||||||
index 312cd04..36ad32e 100644
|
index 312cd04..a97e8da 100644
|
||||||
--- a/policy/modules/system/ipsec.te
|
--- a/policy/modules/system/ipsec.te
|
||||||
+++ b/policy/modules/system/ipsec.te
|
+++ b/policy/modules/system/ipsec.te
|
||||||
@@ -48,6 +48,9 @@ init_system_domain(ipsec_mgmt_t, ipsec_mgmt_exec_t)
|
@@ -48,6 +48,9 @@ init_system_domain(ipsec_mgmt_t, ipsec_mgmt_exec_t)
|
||||||
@ -30728,9 +30728,9 @@ index 312cd04..36ad32e 100644
|
|||||||
-allow ipsec_t self:capability { net_admin dac_override dac_read_search setpcap sys_nice };
|
-allow ipsec_t self:capability { net_admin dac_override dac_read_search setpcap sys_nice };
|
||||||
-dontaudit ipsec_t self:capability { sys_ptrace sys_tty_config };
|
-dontaudit ipsec_t self:capability { sys_ptrace sys_tty_config };
|
||||||
-allow ipsec_t self:process { getcap setcap getsched signal setsched };
|
-allow ipsec_t self:process { getcap setcap getsched signal setsched };
|
||||||
+allow ipsec_t self:capability { net_admin dac_override dac_read_search setpcap sys_nice net_raw setuid setgid sigkill };
|
+allow ipsec_t self:capability { net_admin dac_override dac_read_search setpcap sys_nice net_raw setuid setgid };
|
||||||
+dontaudit ipsec_t self:capability sys_tty_config;
|
+dontaudit ipsec_t self:capability sys_tty_config;
|
||||||
+allow ipsec_t self:process { getcap setcap getsched signal signull setsched };
|
+allow ipsec_t self:process { getcap setcap getsched signal signull setsched sigkill };
|
||||||
allow ipsec_t self:tcp_socket create_stream_socket_perms;
|
allow ipsec_t self:tcp_socket create_stream_socket_perms;
|
||||||
allow ipsec_t self:udp_socket create_socket_perms;
|
allow ipsec_t self:udp_socket create_socket_perms;
|
||||||
+allow ipsec_t self:packet_socket create_socket_perms;
|
+allow ipsec_t self:packet_socket create_socket_perms;
|
||||||
|
Loading…
Reference in New Issue
Block a user