diff options
author | Stefano Brivio <sbrivio@redhat.com> | 2023-02-21 18:09:23 +0000 |
---|---|---|
committer | Stefano Brivio <sbrivio@redhat.com> | 2023-02-21 19:12:37 +0100 |
commit | 933aa1014bb9012fa20974945502c6687beaaebe (patch) | |
tree | 21f7c60985e02062a4f349ee7df0330a0b6ae7fa | |
parent | 0c11355e834d542f17073721b6462668680a2c86 (diff) | |
download | passt-933aa1014bb9012fa20974945502c6687beaaebe.tar passt-933aa1014bb9012fa20974945502c6687beaaebe.tar.gz passt-933aa1014bb9012fa20974945502c6687beaaebe.tar.bz2 passt-933aa1014bb9012fa20974945502c6687beaaebe.tar.lz passt-933aa1014bb9012fa20974945502c6687beaaebe.tar.xz passt-933aa1014bb9012fa20974945502c6687beaaebe.tar.zst passt-933aa1014bb9012fa20974945502c6687beaaebe.zip |
selinux/passt.te: Allow setting socket option on routing netlink socket
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r-- | contrib/selinux/passt.te | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/contrib/selinux/passt.te b/contrib/selinux/passt.te index 3125d52..7fa4fb9 100644 --- a/contrib/selinux/passt.te +++ b/contrib/selinux/passt.te @@ -98,7 +98,7 @@ allow passt_t proc_net_t:file read; allow passt_t net_conf_t:file { open read }; allow passt_t net_conf_t:lnk_file read; allow passt_t tmp_t:sock_file { create unlink write }; -allow passt_t self:netlink_route_socket { bind create nlmsg_read read write }; +allow passt_t self:netlink_route_socket { bind create nlmsg_read read write setopt }; allow passt_t self:tcp_socket create_stream_socket_perms; corenet_tcp_sendrecv_generic_node(passt_t) |