Re: Running iotop as sysadm_r

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 04/20/2015 01:21 AM, William wrote:
> 
>>>
>>> optional_policy(`
>>>         iotop_run(sysadm_t, sysadm_r)
>>> ')
>> Yes, this is correct way how to make it working.
>>>
>>> I think that i'm missing something related to the sysadm_r roles. What's
>>> the correct way to edit the policy to allow sysadm_r to run iotop_t
>>> correctly? Tips would be appreciated.
>>>
>>>
>> It's about netlink_socket against netlink_route_socket. You need to also add
>>
>> allow iotop_t self:netlink_socket create_socket_perms;
>>
>> I added it to Fedora.
>>
>>
> 
> Thanks for looking into this. What's the commit link so I can have a
> look at what you added?
> 
> 
https://github.com/fedora-selinux/selinux-policy/commit/fb187f901807bd02246dea575df21666a338bb86

-- 
Miroslav Grepl
Software Engineering, SELinux Solutions
Red Hat, Inc.
--
selinux mailing list
selinux@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/selinux





[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Big List of Linux Books]     [Yosemite News]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux