mirror of
https://github.com/containers/udica
synced 2024-10-17 12:38:12 +02:00
confined: Allow watching mount_var_run_t
Systems with graphical interface enabled need to watch /run/mount/utab.event Related: https://issues.redhat.com/browse/RHEL-23637 Signed-off-by: Vit Mojzis <vmojzis@redhat.com>
This commit is contained in:
parent
131d228c6a
commit
2604f497d2
@ -3078,7 +3078,7 @@
|
|||||||
(allow utype locale_t (dir (getattr open search)))
|
(allow utype locale_t (dir (getattr open search)))
|
||||||
(allow utype locale_t (lnk_file (getattr watch)))
|
(allow utype locale_t (lnk_file (getattr watch)))
|
||||||
(allow utype mount_var_run_t (dir (getattr open search)))
|
(allow utype mount_var_run_t (dir (getattr open search)))
|
||||||
(allow utype mount_var_run_t (file (ioctl read getattr lock open)))
|
(allow utype mount_var_run_t (file (ioctl read getattr lock open watch)))
|
||||||
(allow utype mount_var_run_t (dir (getattr open search)))
|
(allow utype mount_var_run_t (dir (getattr open search)))
|
||||||
(allow utype mount_var_run_t (dir (ioctl read getattr lock open search watch watch_reads)))
|
(allow utype mount_var_run_t (dir (ioctl read getattr lock open search watch watch_reads)))
|
||||||
(allow utype var_t (lnk_file (read getattr)))
|
(allow utype var_t (lnk_file (read getattr)))
|
||||||
|
Loading…
Reference in New Issue
Block a user