1 |
commit: 468f0734235b38414fc8be4750cf95eac324d406 |
2 |
Author: Miroslav Grepl <mgrepl <AT> redhat <DOT> com> |
3 |
AuthorDate: Wed Nov 20 13:28:46 2013 +0000 |
4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Nov 30 15:01:55 2013 +0000 |
6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=468f0734 |
7 |
|
8 |
Allow setpgid for sosreport |
9 |
|
10 |
--- |
11 |
policy/modules/contrib/sosreport.te | 2 +- |
12 |
1 file changed, 1 insertion(+), 1 deletion(-) |
13 |
|
14 |
diff --git a/policy/modules/contrib/sosreport.te b/policy/modules/contrib/sosreport.te |
15 |
index 1e5be0c..de9ce16 100644 |
16 |
--- a/policy/modules/contrib/sosreport.te |
17 |
+++ b/policy/modules/contrib/sosreport.te |
18 |
@@ -33,7 +33,7 @@ optional_policy(` |
19 |
|
20 |
allow sosreport_t self:capability { kill net_admin net_raw setuid sys_admin sys_nice dac_override }; |
21 |
dontaudit sosreport_t self:capability sys_ptrace; |
22 |
-allow sosreport_t self:process { setsched signal_perms }; |
23 |
+allow sosreport_t self:process { setsched setpgid signal_perms }; |
24 |
allow sosreport_t self:fifo_file rw_fifo_file_perms; |
25 |
allow sosreport_t self:tcp_socket { accept listen }; |
26 |
allow sosreport_t self:unix_stream_socket { accept listen }; |