Signed-off-by: Sven Vermeulen <[email protected]>
---
policy/modules/system/lvm.te | 2 +-
1 files changed, 1 insertions(+), 1 deletions(-)
diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te
index 6a87211..fcdcb32 100644
--- a/policy/modules/system/lvm.te
+++ b/policy/modules/system/lvm.te
@@ -167,7 +167,7 @@ optional_policy(`
# net_admin for multipath
allow lvm_t self:capability { dac_override fowner ipc_lock sys_admin sys_nice mknod chown sys_resource sys_rawio net_admin };
dontaudit lvm_t self:capability sys_tty_config;
-allow lvm_t self:process { sigchld sigkill sigstop signull signal };
+allow lvm_t self:process { sigchld sigkill sigstop signull signal setfscreate };
# LVM will complain a lot if it cannot set its priority.
allow lvm_t self:process setsched;
allow lvm_t self:file rw_file_perms;
--
1.7.3.4
On 05/01/12 04:23, Sven Vermeulen wrote:
> Signed-off-by: Sven Vermeulen <[email protected]>
> ---
> policy/modules/system/lvm.te | 2 +-
> 1 files changed, 1 insertions(+), 1 deletions(-)
>
> diff --git a/policy/modules/system/lvm.te b/policy/modules/system/lvm.te
> index 6a87211..fcdcb32 100644
> --- a/policy/modules/system/lvm.te
> +++ b/policy/modules/system/lvm.te
> @@ -167,7 +167,7 @@ optional_policy(`
> # net_admin for multipath
> allow lvm_t self:capability { dac_override fowner ipc_lock sys_admin sys_nice mknod chown sys_resource sys_rawio net_admin };
> dontaudit lvm_t self:capability sys_tty_config;
> -allow lvm_t self:process { sigchld sigkill sigstop signull signal };
> +allow lvm_t self:process { sigchld sigkill sigstop signull signal setfscreate };
> # LVM will complain a lot if it cannot set its priority.
> allow lvm_t self:process setsched;
> allow lvm_t self:file rw_file_perms;
Merged.
--
Chris PeBenito
Tresys Technology, LLC
http://www.tresys.com | oss.tresys.com