Fix AVC when for reading /proc during password change on RHEL 5

438007
author: Rob Crittenden <rcritten@redhat.com> 2008-04-01 15:40:42 -0400
committer: Rob Crittenden <rcritten@redhat.com> 2008-04-01 15:40:42 -0400
commit: 04da7a1eccfacdb195152f94e2a4b63854ef5e82 (patch)
tree: 07ed2320adb3ab738857cc1b0c1ce35d268eab81
parent: 98f8a313201cdf2c7a2cb573c6e74de18281e2d5 (diff)
download: freeipa-04da7a1eccfacdb195152f94e2a4b63854ef5e82.tar.gz
freeipa-04da7a1eccfacdb195152f94e2a4b63854ef5e82.tar.xz
freeipa-04da7a1eccfacdb195152f94e2a4b63854ef5e82.zip
1 files changed, 2 insertions, 0 deletions
diff --git a/ipa-server/selinux/ipa_kpasswd/ipa_kpasswd.te b/ipa-server/selinux/ipa_kpasswd/ipa_kpasswd.te
index 91e756b4d..a7f50049f 100644
--- a/ipa-server/selinux/ipa_kpasswd/ipa_kpasswd.te
+++ b/ipa-server/selinux/ipa_kpasswd/ipa_kpasswd.te
@@ -36,6 +36,8 @@ miscfiles_read_localization(ipa_kpasswd_t)
 
 kerberos_use(ipa_kpasswd_t)
 
+kernel_read_system_state(ipa_kpasswd_t)
+
 corenet_tcp_sendrecv_all_if(ipa_kpasswd_t)
 corenet_udp_sendrecv_all_if(ipa_kpasswd_t)
 corenet_raw_sendrecv_all_if(ipa_kpasswd_t)
author	Rob Crittenden <rcritten@redhat.com>	2008-04-01 15:40:42 -0400
committer	Rob Crittenden <rcritten@redhat.com>	2008-04-01 15:40:42 -0400
commit	04da7a1eccfacdb195152f94e2a4b63854ef5e82 (patch)
tree	07ed2320adb3ab738857cc1b0c1ce35d268eab81
parent	98f8a313201cdf2c7a2cb573c6e74de18281e2d5 (diff)
download	freeipa-04da7a1eccfacdb195152f94e2a4b63854ef5e82.tar.gz freeipa-04da7a1eccfacdb195152f94e2a4b63854ef5e82.tar.xz freeipa-04da7a1eccfacdb195152f94e2a4b63854ef5e82.zip