!123 add more capabilities to openvswitch_load_module_t
From: @bigclouds99 Reviewed-by: @seuzw Signed-off-by: @seuzw
This commit is contained in:
openeuler-ci-bot
Gitee
commit
459f5a6fb2
@ -32,7 +32,7 @@ index b2c63ab..8f76c14 100644
|
|||||||
allow openvswitch_load_module_t kernel_t:system module_request;
|
allow openvswitch_load_module_t kernel_t:system module_request;
|
||||||
allow openvswitch_load_module_t modules_conf_t:dir { getattr open read search };
|
allow openvswitch_load_module_t modules_conf_t:dir { getattr open read search };
|
||||||
allow openvswitch_load_module_t modules_conf_t:file { getattr open read };
|
allow openvswitch_load_module_t modules_conf_t:file { getattr open read };
|
||||||
+allow openvswitch_load_module_t modules_dep_t:file open;
|
+allow openvswitch_load_module_t modules_dep_t:file { getattr map open read };
|
||||||
allow openvswitch_load_module_t modules_object_t:file { map getattr open read };
|
allow openvswitch_load_module_t modules_object_t:file { map getattr open read };
|
||||||
allow openvswitch_load_module_t modules_object_t:dir { getattr open read search };
|
allow openvswitch_load_module_t modules_object_t:dir { getattr open read search };
|
||||||
allow openvswitch_load_module_t openvswitch_load_module_exec_t:file { entrypoint };
|
allow openvswitch_load_module_t openvswitch_load_module_exec_t:file { entrypoint };
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user