From: Dan Walsh <dwalsh@redhat.com>
Date: Wed, 23 Nov 2011 20:02:39 +0000 (-0500)
Subject: Namespace_init needs to execute shell
X-Git-Tag: 000~81
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=b97849f22d7ed2e728bc322fbbaa4801c4420d2b;p=people%2Fstevee%2Fselinux-policy.git

Namespace_init needs to execute shell
---

diff --git a/policy/modules/apps/namespace.te b/policy/modules/apps/namespace.te
index 6d4ec21c..a337d62f 100644
--- a/policy/modules/apps/namespace.te
+++ b/policy/modules/apps/namespace.te
@@ -22,6 +22,8 @@ allow namespace_init_t self:unix_stream_socket create_stream_socket_perms;
 
 kernel_read_system_state(namespace_init_t)
 
+corecmd_exec_shell(namespace_init_t)
+
 domain_use_interactive_fds(namespace_init_t)
 
 files_read_etc_files(namespace_init_t)