[node-patches] Change in ovirt-node[master]: ovirt.te: add firewalld_t rules
dougsland at redhat.com
dougsland at redhat.com
Wed Oct 1 14:21:02 UTC 2014
Douglas Schilling Landgraf has uploaded a new change for review.
Change subject: ovirt.te: add firewalld_t rules
......................................................................
ovirt.te: add firewalld_t rules
This patch adds:
allow firewalld_t auditd_log_t:dir { write add_name search };
allow firewalld_t auditd_log_t:file { create open getattr append };
allow firewalld_t init_t:dbus send_msg;
allow firewalld_t iptables_t:process { siginh noatsecure rlimitinh };
Change-Id: I12c6952faceab801b9c0487e225ce3df7f23aabe
Signed-off-by: Douglas Schilling Landgraf <dougsland at redhat.com>
---
M semodule/ovirt.te.in
1 file changed, 4 insertions(+), 1 deletion(-)
git pull ssh://gerrit.ovirt.org:29418/ovirt-node refs/changes/46/33646/1
diff --git a/semodule/ovirt.te.in b/semodule/ovirt.te.in
index 4384ac6..d8e8d36 100644
--- a/semodule/ovirt.te.in
+++ b/semodule/ovirt.te.in
@@ -500,7 +500,10 @@
type firewalld_t;
}
allow firewalld_t ovirt_t:dbus send_msg;
- allow firewalld_t auditd_log_t:dir search;
+ allow firewalld_t auditd_log_t:dir { write add_name search };
+ allow firewalld_t auditd_log_t:file { create open getattr append };
+ allow firewalld_t init_t:dbus send_msg;
+ allow firewalld_t iptables_t:process { siginh noatsecure rlimitinh };
')
--
To view, visit http://gerrit.ovirt.org/33646
To unsubscribe, visit http://gerrit.ovirt.org/settings
Gerrit-MessageType: newchange
Gerrit-Change-Id: I12c6952faceab801b9c0487e225ce3df7f23aabe
Gerrit-PatchSet: 1
Gerrit-Project: ovirt-node
Gerrit-Branch: master
Gerrit-Owner: Douglas Schilling Landgraf <dougsland at redhat.com>
More information about the node-patches
mailing list