Переглянути джерело

dnsping: add missing permissions for Debian stretch

Helmut Pozimski 7 роки тому
батько
коміт
85d0b97d56
1 змінених файлів з 7 додано та 1 видалено
  1. 7 1
      policy/modules/dnsping.te

+ 7 - 1
policy/modules/dnsping.te

@@ -1,4 +1,4 @@
-policy_module(dnsping, 0.1.5)
+policy_module(dnsping, 0.1.6)
 
 #################################
 #
@@ -24,7 +24,10 @@ allow dnsping_t self:unix_dgram_socket { write create connect };
 
 corenet_udp_bind_all_unreserved_ports(dnsping_t)
 corenet_udp_bind_generic_node(dnsping_t)
+
 dev_read_rand(dnsping_t)
+dev_read_urand(dnsping_t)
+
 kernel_search_vm_sysctl(dnsping_t)
 kernel_read_vm_sysctls(dnsping_t)
 
@@ -34,7 +37,10 @@ files_read_etc_files(dnsping_t)
 fs_getattr_xattr_fs(dnsping_t)
 miscfiles_read_localization(dnsping_t)
 sysnet_read_config(dnsping_t)
+
 kernel_read_system_state(dnsping_t)
+kernel_read_vm_overcommit_sysctl(dnsping_t)
+
 corecmd_exec_shell(dnsping_t)
 files_manage_generic_tmp_files(dnsping_t)