mirror of
https://github.com/containers/udica
synced 2024-09-25 10:30:52 +02:00
confined: allow asynchronous I/O operations
Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
This commit is contained in:
parent
f411c14698
commit
131d228c6a
@ -4012,6 +4012,13 @@
|
|||||||
(allow remote_login_t utype (process (signal transition)))
|
(allow remote_login_t utype (process (signal transition)))
|
||||||
(allow utype self (bpf (prog_load)))
|
(allow utype self (bpf (prog_load)))
|
||||||
)
|
)
|
||||||
|
; asynchronous I/O operations RHEL 10
|
||||||
|
(optional confinedom_user_login_optional_4
|
||||||
|
(typeattributeset cil_gen_require io_uring_t)
|
||||||
|
(allow utype self (io_uring (sqpoll)))
|
||||||
|
(allow utype io_uring_t (anon_inode (create)))
|
||||||
|
(allow utype io_uring_t (anon_inode (read write getattr map)))
|
||||||
|
)
|
||||||
)
|
)
|
||||||
|
|
||||||
(macro confined_ssh_connect_macro ((type utype) (role urole) (type ssh_agent_type))
|
(macro confined_ssh_connect_macro ((type utype) (role urole) (type ssh_agent_type))
|
||||||
|
Loading…
Reference in New Issue
Block a user