The udev daemon should be able to load kernel modules not only on
systems using systemd but also on systems using former versions of
the udev daemon.
Signed-off-by: Guido Trentalancia <[email protected]>
---
policy/modules/system/udev.te | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
--- a/policy/modules/system/udev.te 2016-10-29 16:29:13.457156292 +0200
+++ b/policy/modules/system/udev.te 2016-12-17 18:15:12.803396548 +0100
@@ -79,6 +79,7 @@ manage_lnk_files_pattern(udev_t, udev_va
manage_sock_files_pattern(udev_t, udev_var_run_t, udev_var_run_t)
files_pid_filetrans(udev_t, udev_var_run_t, dir, "udev")
+kernel_load_module(udev_t)
kernel_read_system_state(udev_t)
kernel_request_load_module(udev_t)
kernel_getattr_core_if(udev_t)
@@ -220,8 +221,6 @@ ifdef(`distro_redhat',`
')
ifdef(`init_systemd',`
- kernel_load_module(udev_t)
-
files_search_kernel_modules(udev_t)
fs_read_cgroup_files(udev_t)
On 12/17/16 13:08, Guido Trentalancia via refpolicy wrote:
> The udev daemon should be able to load kernel modules not only on
> systems using systemd but also on systems using former versions of
> the udev daemon.
>
> Signed-off-by: Guido Trentalancia <[email protected]>
> ---
> policy/modules/system/udev.te | 3 +--
> 1 file changed, 1 insertion(+), 2 deletions(-)
>
> --- a/policy/modules/system/udev.te 2016-10-29 16:29:13.457156292 +0200
> +++ b/policy/modules/system/udev.te 2016-12-17 18:15:12.803396548 +0100
> @@ -79,6 +79,7 @@ manage_lnk_files_pattern(udev_t, udev_va
> manage_sock_files_pattern(udev_t, udev_var_run_t, udev_var_run_t)
> files_pid_filetrans(udev_t, udev_var_run_t, dir, "udev")
>
> +kernel_load_module(udev_t)
> kernel_read_system_state(udev_t)
> kernel_request_load_module(udev_t)
> kernel_getattr_core_if(udev_t)
> @@ -220,8 +221,6 @@ ifdef(`distro_redhat',`
> ')
>
> ifdef(`init_systemd',`
> - kernel_load_module(udev_t)
> -
> files_search_kernel_modules(udev_t)
>
> fs_read_cgroup_files(udev_t)
Merged.
--
Chris PeBenito