commit: 99ed324731d394bd4b2ce978e08b3d4c13a88fc3
Author: Jason Zaman <jason <AT> perfinion <DOT> com>
AuthorDate: Tue Jan 20 14:30:07 2015 +0000
Commit: Jason Zaman <gentoo <AT> perfinion <DOT> com>
CommitDate: Mon Jan 26 06:42:28 2015 +0000
URL:
http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=99ed3247
networkmanager: v1.0.0 needs new socket permissions
---
policy/modules/contrib/networkmanager.te | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/policy/modules/contrib/networkmanager.te
b/policy/modules/contrib/networkmanager.te
index a0dc708..d8dcaee 100644
--- a/policy/modules/contrib/networkmanager.te
+++ b/policy/modules/contrib/networkmanager.te
@@ -371,6 +371,12 @@ ifdef(`distro_gentoo',`
#
# NetworkManager_t policy
#
+ allow NetworkManager_t self:rawip_socket create_socket_perms;
+ allow NetworkManager_t self:unix_stream_socket connectto;
+
+ # listing /etc/NetworkManager/dispatch.d/
+ list_dirs_pattern(NetworkManager_t, NetworkManager_initrc_exec_t,
NetworkManager_initrc_exec_t)
+ read_files_pattern(NetworkManager_t, NetworkManager_initrc_exec_t,
NetworkManager_initrc_exec_t)
optional_policy(`
resolvconf_client_domain(NetworkManager_t)
