commit: 3cfa359b54921eda7f449dd445dadd7e231e4eb3 Author: Christian Göttsche <cgzones <AT> googlemail <DOT> com> AuthorDate: Mon Jan 1 11:32:34 2018 +0000 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> CommitDate: Thu Jan 18 16:31:23 2018 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=3cfa359b
filesystem: add fs_rw_inherited_hugetlbfs_files for apache module policy/modules/kernel/filesystem.if | 18 ++++++++++++++++++ 1 file changed, 18 insertions(+) diff --git a/policy/modules/kernel/filesystem.if b/policy/modules/kernel/filesystem.if index 168f204a..7f245e29 100644 --- a/policy/modules/kernel/filesystem.if +++ b/policy/modules/kernel/filesystem.if @@ -2306,6 +2306,24 @@ interface(`fs_manage_hugetlbfs_dirs',` ######################################## ## <summary> +## Read and write inherited hugetlbfs files. +## </summary> +## <param name="domain"> +## <summary> +## Domain allowed access. +## </summary> +## </param> +# +interface(`fs_rw_inherited_hugetlbfs_files',` + gen_require(` + type hugetlbfs_t; + ') + + allow $1 hugetlbfs_t:file rw_inherited_file_perms; +') + +######################################## +## <summary> ## Read and write hugetlbfs files. ## </summary> ## <param name="domain">
