]> git.ipfire.org Git - people/stevee/selinux-policy.git/blobdiff - policy/modules/services/ntp.te
projects / people / stevee / selinux-policy.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
trunk: Enable open permission checks policy capability.
[people/stevee/selinux-policy.git] / policy / modules / services / ntp.te
diff --git a/policy/modules/services/ntp.te b/policy/modules/services/ntp.te
index 53a815094140183187eb4ed476f0b2404b1c1342..19005e3cf67004f19c1f6b0ab4d87dd1e4e84733 100644 (file)
--- a/policy/modules/services/ntp.te
+++ b/policy/modules/services/ntp.te
@@ -41,7 +41,7 @@ init_system_domain(ntpd_t, ntpdate_exec_t)
 allow ntpd_t self:capability { chown dac_override kill setgid setuid sys_time ipc_lock sys_chroot sys_nice sys_resource };
 dontaudit ntpd_t self:capability { net_admin sys_tty_config fsetid sys_nice };
 allow ntpd_t self:process { signal_perms getcap setcap setsched setrlimit };
-allow ntpd_t self:fifo_file { read write getattr };
+allow ntpd_t self:fifo_file rw_fifo_file_perms;
 allow ntpd_t self:unix_dgram_socket create_socket_perms;
 allow ntpd_t self:unix_stream_socket create_socket_perms;
 allow ntpd_t self:tcp_socket create_stream_socket_perms;
The IPFire selinux policy.