From: dominick.grift@gmail.com (grift)
Date: Tue, 01 Jan 2013 11:48:51 +0100
Subject: [refpolicy] [PATCH 08/12] Support netlink_route_socket creation
 for puppet
In-Reply-To: <1356994351-29191-9-git-send-email-sven.vermeulen@siphos.be>
References: <1356994351-29191-1-git-send-email-sven.vermeulen@siphos.be>
	<1356994351-29191-9-git-send-email-sven.vermeulen@siphos.be>
Message-ID: <1357037331.2088.17.camel@localhost>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Mon, 2012-12-31 at 23:52 +0100, Sven Vermeulen wrote:
> Signed-off-by: Sven Vermeulen <sven.vermeulen@siphos.be>

This was merged, thanks
> ---
>  puppet.te |    2 +-
>  1 files changed, 1 insertions(+), 1 deletions(-)
> 
> diff --git a/puppet.te b/puppet.te
> index f627825..357a2f5 100644
> --- a/puppet.te
> +++ b/puppet.te
> @@ -61,7 +61,7 @@ files_tmp_file(puppetmaster_tmp_t)
>  allow puppet_t self:capability { chown fowner fsetid setuid setgid dac_override sys_admin sys_nice sys_tty_config };
>  allow puppet_t self:process { signal signull getsched setsched };
>  allow puppet_t self:fifo_file rw_fifo_file_perms;
> -allow puppet_t self:netlink_route_socket nlmsg_write;
> +allow puppet_t self:netlink_route_socket create_netlink_socket_perms;
>  allow puppet_t self:tcp_socket { accept listen };
>  allow puppet_t self:udp_socket create_socket_perms;
>