blob: bd060655e81e46927459d9508aab6e292d69a885 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
From e67fe4fa79d59be7bcefd256c1966ea8c034a3d9 Mon Sep 17 00:00:00 2001
From: Roy Li <rongqing.li@windriver.com>
Date: Sat, 15 Feb 2014 09:45:00 +0800
Subject: [PATCH] policy/modules/roles/sysadm: allow sysadm to run rpcinfo
Fixes:
$ rpcinfo
rpcinfo: can't contact rpcbind: RPC: Remote system error - Permission denied
avc: denied { connectto } for pid=406 comm="rpcinfo"
path="/run/rpcbind.sock" scontext=root:sysadm_r:sysadm_t
tcontext=system_u:system_r:rpcbind_t tclass=unix_stream_socket
permissive=0
Upstream-Status: Inappropriate [embedded specific]
Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Joe MacDonald <joe_macdonald@mentor.com>
Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
---
policy/modules/roles/sysadm.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/roles/sysadm.te b/policy/modules/roles/sysadm.te
index ddf973693..1642f3b93 100644
--- a/policy/modules/roles/sysadm.te
+++ b/policy/modules/roles/sysadm.te
@@ -947,6 +947,7 @@ optional_policy(`
')
optional_policy(`
+ rpcbind_stream_connect(sysadm_t)
rpcbind_admin(sysadm_t, sysadm_r)
')
--
2.17.1
|