commit: 35ecd91545512101234bf017ce9edb67407cb086 Author: Jason Zaman <jason <AT> perfinion <DOT> com> AuthorDate: Mon Feb 9 17:17:40 2015 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Wed Mar 25 15:54:44 2015 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=35ecd915
salt: allow salt to ps all processes Salt needs to be able to list all processes to check if services are running policy/modules/contrib/salt.te | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policy/modules/contrib/salt.te b/policy/modules/contrib/salt.te index 970b183..4c76ecc 100644 --- a/policy/modules/contrib/salt.te +++ b/policy/modules/contrib/salt.te @@ -269,7 +269,7 @@ corenet_tcp_connect_salt_port(salt_minion_t) dev_read_sysfs(salt_minion_t) domain_dontaudit_exec_all_entry_files(salt_minion_t) -domain_dontaudit_search_all_domains_state(salt_minion_t) +domain_read_all_domains_state(salt_minion_t) files_manage_all_non_security_file_types(salt_minion_t)