aboutgitcodebugslistschat
diff options
context:
space:
mode:
authorStefano Brivio <sbrivio@redhat.com>2023-02-21 18:07:31 +0000
committerStefano Brivio <sbrivio@redhat.com>2023-02-21 19:12:37 +0100
commit0c11355e834d542f17073721b6462668680a2c86 (patch)
tree140e1aaac6cda1a6059adce617b2d00bc4dda231
parent7d9150db0ac72cde46b48b916daefa6e70a751b0 (diff)
downloadpasst-0c11355e834d542f17073721b6462668680a2c86.tar
passt-0c11355e834d542f17073721b6462668680a2c86.tar.gz
passt-0c11355e834d542f17073721b6462668680a2c86.tar.bz2
passt-0c11355e834d542f17073721b6462668680a2c86.tar.lz
passt-0c11355e834d542f17073721b6462668680a2c86.tar.xz
passt-0c11355e834d542f17073721b6462668680a2c86.tar.zst
passt-0c11355e834d542f17073721b6462668680a2c86.zip
selinux/passt.te: Allow /etc/resolv.conf symlinks to be followed
Signed-off-by: Stefano Brivio <sbrivio@redhat.com>
-rw-r--r--contrib/selinux/passt.te1
1 files changed, 1 insertions, 0 deletions
diff --git a/contrib/selinux/passt.te b/contrib/selinux/passt.te
index 45d56c2..3125d52 100644
--- a/contrib/selinux/passt.te
+++ b/contrib/selinux/passt.te
@@ -96,6 +96,7 @@ allow passt_t self:cap_userns { setpcap sys_admin sys_ptrace };
allow passt_t proc_net_t:file read;
allow passt_t net_conf_t:file { open read };
+allow passt_t net_conf_t:lnk_file read;
allow passt_t tmp_t:sock_file { create unlink write };
allow passt_t self:netlink_route_socket { bind create nlmsg_read read write };