selinux/passt.te: Allow setting socket option on routing netlink socket
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
This commit is contained in:
parent
0c11355e83
commit
933aa1014b
1 changed files with 1 additions and 1 deletions
|
@ -98,7 +98,7 @@ allow passt_t proc_net_t:file read;
|
||||||
allow passt_t net_conf_t:file { open read };
|
allow passt_t net_conf_t:file { open read };
|
||||||
allow passt_t net_conf_t:lnk_file read;
|
allow passt_t net_conf_t:lnk_file read;
|
||||||
allow passt_t tmp_t:sock_file { create unlink write };
|
allow passt_t tmp_t:sock_file { create unlink write };
|
||||||
allow passt_t self:netlink_route_socket { bind create nlmsg_read read write };
|
allow passt_t self:netlink_route_socket { bind create nlmsg_read read write setopt };
|
||||||
|
|
||||||
allow passt_t self:tcp_socket create_stream_socket_perms;
|
allow passt_t self:tcp_socket create_stream_socket_perms;
|
||||||
corenet_tcp_sendrecv_generic_node(passt_t)
|
corenet_tcp_sendrecv_generic_node(passt_t)
|
||||||
|
|
Loading…
Reference in a new issue