commit: 9c713028668b6f1cec101f5b523ce6d6bea54db1
Author: Jason Zaman <perfinion <AT> gentoo <DOT> org>
AuthorDate: Sun Feb 21 05:24:14 2021 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Mar 21 22:07:35 2021 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=9c713028
ntp: allow sock_file filetrans for /run/ntpd.sock
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/services/ntp.te | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/policy/modules/services/ntp.te b/policy/modules/services/ntp.te
index 24c94bbb..e9bab2e0 100644
--- a/policy/modules/services/ntp.te
+++ b/policy/modules/services/ntp.te
@@ -81,7 +81,7 @@ logging_log_filetrans(ntpd_t, ntpd_log_t, { file dir })
manage_files_pattern(ntpd_t, ntpd_pid_t, ntpd_pid_t)
manage_sock_files_pattern(ntpd_t, ntpd_pid_t, ntpd_pid_t)
-files_runtime_filetrans(ntpd_t, ntpd_pid_t, file)
+files_runtime_filetrans(ntpd_t, ntpd_pid_t, { file sock_file })
manage_dirs_pattern(ntpd_t, ntpd_tmp_t, ntpd_tmp_t)
manage_files_pattern(ntpd_t, ntpd_tmp_t, ntpd_tmp_t)
