fixes from testing
This commit is contained in:
parent
88d68f60bc
commit
f827eb6320
@ -139,6 +139,7 @@ template(`vmware_per_userdomain_template',`
|
||||
files_read_etc_files($1_vmware_t)
|
||||
files_read_etc_runtime_files($1_vmware_t)
|
||||
files_read_usr_files($1_vmware_t)
|
||||
files_list_home($1_vmware_t)
|
||||
|
||||
fs_getattr_xattr_fs($1_vmware_t)
|
||||
fs_search_auto_mountpoints($1_vmware_t)
|
||||
@ -157,6 +158,7 @@ template(`vmware_per_userdomain_template',`
|
||||
|
||||
userdom_use_user_terminals($1,$1_vmware_t)
|
||||
userdom_use_unpriv_users_fds($1_vmware_t)
|
||||
userdom_list_user_home_dirs($1,$1_vmware_t)
|
||||
# cjp: why?
|
||||
userdom_read_user_home_content_files($1,$1_vmware_t)
|
||||
|
||||
|
@ -30,6 +30,7 @@ files_pid_file(vmware_var_run_t)
|
||||
allow vmware_host_t self:capability { setuid net_raw };
|
||||
dontaudit vmware_host_t self:capability sys_tty_config;
|
||||
allow vmware_host_t self:process signal_perms;
|
||||
allow vmware_host_t self:fifo_file rw_file_perms;
|
||||
allow vmware_host_t self:unix_stream_socket create_stream_socket_perms;
|
||||
allow vmware_host_t self:rawip_socket create_socket_perms;
|
||||
|
||||
@ -73,6 +74,8 @@ logging_send_syslog_msg(vmware_host_t)
|
||||
|
||||
miscfiles_read_localization(vmware_host_t)
|
||||
|
||||
sysnet_dns_name_resolve(vmware_host_t)
|
||||
|
||||
userdom_dontaudit_use_unpriv_user_fds(vmware_host_t)
|
||||
userdom_dontaudit_search_sysadm_home_dirs(vmware_host_t)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user