selinux/passt.te: Allow /etc/resolv.conf symlinks to be followed

Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
Stefano Brivio 2023-02-21 18:07:31 +00:00
parent 7d9150db0a
commit 0c11355e83

View file

@ -96,6 +96,7 @@ allow passt_t self:cap_userns { setpcap sys_admin sys_ptrace };
allow passt_t proc_net_t:file read; allow passt_t proc_net_t:file read;
allow passt_t net_conf_t:file { open read }; allow passt_t net_conf_t:file { open read };
allow passt_t net_conf_t:lnk_file read;
allow passt_t tmp_t:sock_file { create unlink write }; allow passt_t tmp_t:sock_file { create unlink write };
allow passt_t self:netlink_route_socket { bind create nlmsg_read read write }; allow passt_t self:netlink_route_socket { bind create nlmsg_read read write };