diff options
| author | Stephen Smalley <sds@tycho.nsa.gov> | 2012-07-31 09:15:46 -0400 |
|---|---|---|
| committer | Stephen Smalley <sds@tycho.nsa.gov> | 2012-07-31 09:15:46 -0400 |
| commit | 5f9917c1360a158e11efd0a6b561fb065efe5223 (patch) | |
| tree | 6a5a3c15bd98d3607bb34221a2071253b29182ad | |
| parent | 901cc36664399f5803c64bd5a26932807d6749aa (diff) | |
| download | sepolicy-5f9917c1360a158e11efd0a6b561fb065efe5223.tar.gz | |
Allow debuggerd to restorecon the tombstone directory.
| -rw-r--r-- | debuggerd.te | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/debuggerd.te b/debuggerd.te index b85133b..8ff3747 100644 --- a/debuggerd.te +++ b/debuggerd.te @@ -4,10 +4,14 @@ type debuggerd_exec, exec_type, file_type; init_daemon_domain(debuggerd) typeattribute debuggerd mlstrustedsubject; -allow debuggerd self:capability { dac_override sys_ptrace chown kill }; +allow debuggerd self:capability { dac_override sys_ptrace chown kill fowner }; allow debuggerd domain:dir r_dir_perms; allow debuggerd domain:file r_file_perms; allow debuggerd domain:process ptrace; +allow debuggerd rootfs:file r_file_perms; +allow debuggerd system_data_file:dir create_dir_perms; +allow debuggerd system_data_file:dir relabelfrom; +allow debuggerd tombstone_data_file:dir relabelto; allow debuggerd tombstone_data_file:dir create_dir_perms; allow debuggerd tombstone_data_file:file create_file_perms; allow debuggerd domain:process { sigstop signal }; |