Index: refpolicy-2.20180701/policy/modules/services/cron.te
===================================================================
--- refpolicy-2.20180701.orig/policy/modules/services/cron.te
+++ refpolicy-2.20180701/policy/modules/services/cron.te
@@ -439,6 +439,7 @@ optional_policy(`
optional_policy(`
init_dbus_chat(crond_t)
+ init_dbus_chat(system_cronjob_t)
systemd_dbus_chat_logind(system_cronjob_t)
systemd_write_inherited_logind_sessions_pipes(system_cronjob_t)
# so cron jobs can restart daemons
@@ -518,6 +519,7 @@ corenet_udp_sendrecv_all_ports(system_cr
dev_getattr_all_blk_files(system_cronjob_t)
dev_getattr_all_chr_files(system_cronjob_t)
+dev_getattr_mtrr_dev(system_cronjob_t)
dev_read_urand(system_cronjob_t)
dev_read_sysfs(system_cronjob_t)
# for checkarray to write to sync_action
On 1/14/19 6:36 AM, Russell Coker wrote:
>
> Index: refpolicy-2.20180701/policy/modules/services/cron.te
> ===================================================================
> --- refpolicy-2.20180701.orig/policy/modules/services/cron.te
> +++ refpolicy-2.20180701/policy/modules/services/cron.te
> @@ -439,6 +439,7 @@ optional_policy(`
>
> optional_policy(`
> init_dbus_chat(crond_t)
> + init_dbus_chat(system_cronjob_t)
> systemd_dbus_chat_logind(system_cronjob_t)
> systemd_write_inherited_logind_sessions_pipes(system_cronjob_t)
> # so cron jobs can restart daemons
> @@ -518,6 +519,7 @@ corenet_udp_sendrecv_all_ports(system_cr
>
> dev_getattr_all_blk_files(system_cronjob_t)
> dev_getattr_all_chr_files(system_cronjob_t)
> +dev_getattr_mtrr_dev(system_cronjob_t)
> dev_read_urand(system_cronjob_t)
> dev_read_sysfs(system_cronjob_t)
> # for checkarray to write to sync_action
Merged.
--
Chris PeBenito