From: Dan Walsh <dwalsh@redhat.com>
Date: Wed, 21 Dec 2011 16:29:15 +0000 (+0000)
Subject: Noticed on my RHEL6 box that rhsmcertd needed these access
X-Git-Tag: 000~9
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=89415143c28541b342ca3fdc6045999be4a19daa;p=people%2Fstevee%2Fselinux-policy.git

Noticed on my RHEL6 box that rhsmcertd needed these access
---

diff --git a/policy/modules/services/rhsmcertd.te b/policy/modules/services/rhsmcertd.te
index 4d1d0c7a..c0952a32 100644
--- a/policy/modules/services/rhsmcertd.te
+++ b/policy/modules/services/rhsmcertd.te
@@ -44,14 +44,18 @@ manage_files_pattern(rhsmcertd_t, rhsmcertd_var_lib_t, rhsmcertd_var_lib_t)
 manage_dirs_pattern(rhsmcertd_t, rhsmcertd_var_run_t, rhsmcertd_var_run_t)
 manage_files_pattern(rhsmcertd_t, rhsmcertd_var_run_t, rhsmcertd_var_run_t)
 
+kernel_read_network_state(rhsmcertd_t)
 kernel_read_system_state(rhsmcertd_t)
 
+files_list_tmp(rhsmcertd_t)
+
 corecmd_exec_bin(rhsmcertd_t)
 
 dev_read_urand(rhsmcertd_t)
 
 files_read_etc_files(rhsmcertd_t)
 files_read_usr_files(rhsmcertd_t)
+files_manage_generic_locks(rhsmcertd_t)
 
 miscfiles_read_localization(rhsmcertd_t)
 miscfiles_read_certs(rhsmcertd_t)