ts3: Allow mmap()

author Ralf Ertzinger <ralf@skytale.net>

Sat, 11 May 2019 16:02:34 +0000 (16:02 +0000)

committer Ralf Ertzinger <ralf@skytale.net>

Sat, 11 May 2019 16:02:34 +0000 (16:02 +0000)
author Ralf Ertzinger <ralf@skytale.net>
Sat, 11 May 2019 16:02:34 +0000 (16:02 +0000)
committer Ralf Ertzinger <ralf@skytale.net>
Sat, 11 May 2019 16:02:34 +0000 (16:02 +0000)
diff --git a/ts3/ts3.te b/ts3/ts3.te

index 3688ad6..1700cf3 100644 (file)
--- a/ts3/ts3.te
+++ b/ts3/ts3.te
@@ -1,4 +1,4 @@
-policy_module(ts3, 0.1.23)
+policy_module(ts3, 0.1.28)
  
  # File context for the executable process
  type ts3_t;
@@ -23,11 +23,15 @@ allow ts3_t self:tcp_socket { create_stream_socket_perms connected_stream_socket
  
  read_files_pattern(ts3_t, ts3_ro_t, ts3_ro_t)
  list_dirs_pattern(ts3_t, ts3_ro_t, ts3_ro_t)
+mmap_exec_files_pattern(ts3_t, ts3_ro_t, ts3_ro_t)
  
  manage_files_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
  manage_dirs_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
+mmap_exec_files_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
  setattr_files_pattern(ts3_t, ts3_rw_t, ts3_rw_t)
  
+mmap_exec_files_pattern(ts3_t, tmpfs_t, tmpfs_t)
+
  sysnet_dns_name_resolve(ts3_t)
  
  # Needed to load shared libraries
author	Ralf Ertzinger <ralf@skytale.net>
	Sat, 11 May 2019 16:02:34 +0000 (16:02 +0000)
committer	Ralf Ertzinger <ralf@skytale.net>
	Sat, 11 May 2019 16:02:34 +0000 (16:02 +0000)