policy for systemd-networkd

Policy needed for systemd-networkd to function. This is based on a patch from krzysztof.a.nowicki at gmail.com that was submitted back in May (I talked to him via email a while ago about me picking up the patch). He was too busy to update and I needed to get it working. I am pretty sure I updated everything mentioned in previous feedback, please comment if something is still off and I will revise. Signed-off-by: Dave Sugar <dsugar@tresys.com>
author: David Sugar <dsugar@tresys.com> 2017-10-11 14:59:08 +0000
committer: Jason Zaman <jason@perfinion.com> 2017-10-29 20:59:50 +0800
commit: c17970cb2afae09ea21a3630bbd02f7f0d402844 (patch)
tree: a26919ca2e433d24c72422a557db215688fd0f33 /policy/modules/system/init.te
parent: files: Whitespace fix. (diff)
download: hardened-refpolicy-c17970cb2afae09ea21a3630bbd02f7f0d402844.tar.gz
hardened-refpolicy-c17970cb2afae09ea21a3630bbd02f7f0d402844.tar.bz2
hardened-refpolicy-c17970cb2afae09ea21a3630bbd02f7f0d402844.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te
index 350554d39..02a9e3b8d 100644
--- a/policy/modules/system/init.te
+++ b/policy/modules/system/init.te
@@ -329,6 +329,7 @@ ifdef(`init_systemd',`
 	files_create_all_pid_sockets(init_t)
 	files_create_all_spool_sockets(init_t)
 	files_create_lock_dirs(init_t)
+	systemd_rw_networkd_netlink_route_sockets(init_t)
 	files_delete_all_pids(init_t)
 	files_delete_all_spool_sockets(init_t)
 	files_exec_generic_pid_files(init_t)
author	David Sugar <dsugar@tresys.com>	2017-10-11 14:59:08 +0000
committer	Jason Zaman <jason@perfinion.com>	2017-10-29 20:59:50 +0800
commit	c17970cb2afae09ea21a3630bbd02f7f0d402844 (patch)
tree	a26919ca2e433d24c72422a557db215688fd0f33 /policy/modules/system/init.te
parent	files: Whitespace fix. (diff)
download	hardened-refpolicy-c17970cb2afae09ea21a3630bbd02f7f0d402844.tar.gz hardened-refpolicy-c17970cb2afae09ea21a3630bbd02f7f0d402844.tar.bz2 hardened-refpolicy-c17970cb2afae09ea21a3630bbd02f7f0d402844.zip