| 1 |
commit: 30d59932effdc3e24f87b00f90512dd59135fbb9 |
| 2 |
Author: Luis Ressel <aranea <AT> aixah <DOT> de> |
| 3 |
AuthorDate: Sat Feb 1 13:50:23 2014 +0000 |
| 4 |
Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Feb 9 10:52:41 2014 +0000 |
| 6 |
URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=30d59932 |
| 7 |
|
| 8 |
Allow mount_t usage of /dev/loop-control |
| 9 |
|
| 10 |
If loopback devices are not pregenerated (kernel option |
| 11 |
CONFIG_BLK_DEV_LOOP_MIN_COUNT=0), mount needs to write to |
| 12 |
/dev/loop-control do create them dynamically when needed. |
| 13 |
|
| 14 |
--- |
| 15 |
policy/modules/system/mount.te | 1 + |
| 16 |
1 file changed, 1 insertion(+) |
| 17 |
|
| 18 |
diff --git a/policy/modules/system/mount.te b/policy/modules/system/mount.te |
| 19 |
index 3c5fa5f..1b9030a 100644 |
| 20 |
--- a/policy/modules/system/mount.te |
| 21 |
+++ b/policy/modules/system/mount.te |
| 22 |
@@ -77,6 +77,7 @@ dev_list_all_dev_nodes(mount_t) |
| 23 |
dev_read_sysfs(mount_t) |
| 24 |
dev_dontaudit_write_sysfs_dirs(mount_t) |
| 25 |
dev_rw_lvm_control(mount_t) |
| 26 |
+dev_rw_loop_control(mount_t) |
| 27 |
dev_dontaudit_getattr_all_chr_files(mount_t) |
| 28 |
dev_dontaudit_getattr_memory_dev(mount_t) |
| 29 |
dev_getattr_sound_dev(mount_t) |
Archives