From: pebenito@ieee.org (Chris PeBenito)
Date: Sat, 13 Aug 2016 08:27:18 -0400
Subject: [refpolicy] [PATCH] Add module_load permission to class system
In-Reply-To: <1470604072.2822.4.camel@trentalancia.net>
References: <1470604072.2822.4.camel@trentalancia.net>
Message-ID: <c0618058-710c-253b-f7fb-dca7a7ae08ab@ieee.org>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On 08/07/16 17:07, Guido Trentalancia wrote:
> The "module_load" permission has been recently added to the "system"
> class (kernel 4.7).
>
> The following patch updates the Reference Policy so that the new
> permission can be used to create SELinux policies.
>
> Signed-off-by: Guido Trentalancia <guido@trentalancia.net>
> ---
>  policy/flask/access_vectors |    1 +
>  1 file changed, 1 insertion(+)
>
> --- refpolicy-git-06082016-orig/policy/flask/access_vectors	2016-08-06 21:26:43.271774009 +0200
> +++ refpolicy-git-06082016/policy/flask/access_vectors	2016-08-07 21:08:07.750977409 +0200
> @@ -448,6 +448,7 @@ class system
>  	syslog_mod
>  	syslog_console
>  	module_request
> +	module_load
>
>  	# these are overloaded userspace
>  	# permissions from systemd

Merged.

-- 
Chris PeBenito