commit: 1e38c79a38749e559fd12eeddd14eda3ae6ebb8c Author: Sven Vermeulen <sven.vermeulen <AT> siphos <DOT> be> AuthorDate: Sun Mar 30 14:09:12 2014 +0000 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> CommitDate: Tue Apr 8 15:55:01 2014 +0000 URL: http://git.overlays.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=1e38c79a
dnsmasq reads MTU sysctl The dnsmasq application reads in the value of the /proc/sys/net/ipv6/conf/*/mtu values. This is confirmed through looking at the source code of dnsmasq, in src/radv.c. Signed-off-by: Sven Vermeulen <sven.vermeulen <AT> siphos.be> --- policy/modules/contrib/dnsmasq.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/contrib/dnsmasq.te b/policy/modules/contrib/dnsmasq.te index f1fdee0..7027424 100644 --- a/policy/modules/contrib/dnsmasq.te +++ b/policy/modules/contrib/dnsmasq.te @@ -52,6 +52,7 @@ manage_files_pattern(dnsmasq_t, dnsmasq_var_run_t, dnsmasq_var_run_t) files_pid_filetrans(dnsmasq_t, dnsmasq_var_run_t, { dir file }) kernel_read_kernel_sysctls(dnsmasq_t) +kernel_read_net_sysctls(dnsmasq_t) kernel_read_network_state(dnsmasq_t) kernel_read_system_state(dnsmasq_t) kernel_request_load_module(dnsmasq_t)