diff options
author | Kenton Groombridge <concord@gentoo.org> | 2024-08-07 16:12:15 -0400 |
---|---|---|
committer | Jason Zaman <perfinion@gentoo.org> | 2024-09-21 15:28:29 -0700 |
commit | 4013344dd813c56faea4c458cfc050396c1a9d49 (patch) | |
tree | afd264778822787f875127e76c1ee44404962888 | |
parent | filesystem, devices: move gadgetfs to usbfs_t (diff) | |
download | hardened-refpolicy-4013344dd813c56faea4c458cfc050396c1a9d49.tar.gz hardened-refpolicy-4013344dd813c56faea4c458cfc050396c1a9d49.tar.bz2 hardened-refpolicy-4013344dd813c56faea4c458cfc050396c1a9d49.zip |
iptables: allow reading usr files
The nftables program reads files in /usr/share/iproute2.
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
Signed-off-by: Jason Zaman <perfinion@gentoo.org>
-rw-r--r-- | policy/modules/system/iptables.te | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/system/iptables.te b/policy/modules/system/iptables.te index 989404bb0..684d91a25 100644 --- a/policy/modules/system/iptables.te +++ b/policy/modules/system/iptables.te @@ -84,6 +84,7 @@ domain_use_interactive_fds(iptables_t) files_read_etc_files(iptables_t) files_read_etc_runtime_files(iptables_t) +files_read_usr_files(iptables_t) auth_use_nsswitch(iptables_t) |