From: Laurent Bigonville <bigon@xxxxxxxx>
When alsactl is running as a daemon with systemd, it sets its process
priority to be nice to other processes. When stopping the service, it's
signaling to itself that it needs to exit.
----
time->Sun Oct 6 11:59:59 2019
type=AVC msg=audit(1570355999.755:43): avc: denied { setsched } for pid=794 comm="alsactl" scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:system_r:alsa_t:s0 tclass=process permissive=1
----
time->Sun Oct 6 11:59:59 2019
type=AVC msg=audit(1570355999.755:44): avc: denied { getsched } for pid=794 comm="alsactl" scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:system_r:alsa_t:s0 tclass=process permissive=1
----
time->Sun Oct 6 12:07:26 2019
type=AVC msg=audit(1570356446.747:292): avc: denied { signal } for pid=3585 comm="alsactl" scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:system_r:alsa_t:s0 tclass=process permissive=1
Signed-off-by: Laurent Bigonville <bigon@xxxxxxxx>
---
policy/modules/admin/alsa.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/admin/alsa.te b/policy/modules/admin/alsa.te
index 9d053c4d..a2287485 100644
--- a/policy/modules/admin/alsa.te
+++ b/policy/modules/admin/alsa.te
@@ -44,6 +44,7 @@ files_lock_file(alsa_var_lock_t)
allow alsa_t self:capability { dac_override dac_read_search ipc_owner setgid setuid };
# kill : kill pulseaudio
dontaudit alsa_t self:capability { kill sys_admin };
+allow alsa_t self:process { getsched setsched signal };
allow alsa_t self:sem create_sem_perms;
allow alsa_t self:shm create_shm_perms;
allow alsa_t self:unix_stream_socket { accept listen };
--
2.23.0
