diff options
author | Kenton Groombridge <concord@gentoo.org> | 2024-06-27 13:18:45 -0400 |
---|---|---|
committer | Jason Zaman <perfinion@gentoo.org> | 2024-09-21 15:28:29 -0700 |
commit | e49e0ad89ec418cc13420e25bf92ccf47aeb4f4a (patch) | |
tree | d646438dc98ff6efd4d00243d77d9956e30875b6 | |
parent | node_exporter: allow reading localization (diff) | |
download | hardened-refpolicy-e49e0ad89ec418cc13420e25bf92ccf47aeb4f4a.tar.gz hardened-refpolicy-e49e0ad89ec418cc13420e25bf92ccf47aeb4f4a.tar.bz2 hardened-refpolicy-e49e0ad89ec418cc13420e25bf92ccf47aeb4f4a.zip |
netutils: allow ping to read net sysctls
ping will check whether IPv6 is disabled.
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
Signed-off-by: Jason Zaman <perfinion@gentoo.org>
-rw-r--r-- | policy/modules/admin/netutils.te | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/admin/netutils.te b/policy/modules/admin/netutils.te index a19369e96..63d2f9cb8 100644 --- a/policy/modules/admin/netutils.te +++ b/policy/modules/admin/netutils.te @@ -135,6 +135,7 @@ domain_use_interactive_fds(ping_t) files_read_etc_files(ping_t) +kernel_read_net_sysctls(ping_t) kernel_read_system_state(ping_t) auth_use_nsswitch(ping_t) |