commit: 0ce3435159ef02f7e22c79219f14c63e33285d5b Author: Jason Zaman <jason <AT> perfinion <DOT> com> AuthorDate: Mon Feb 9 17:17:40 2015 +0000 Commit: Sven Vermeulen <swift <AT> gentoo <DOT> org> CommitDate: Wed Mar 4 16:57:31 2015 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=0ce34351
salt: allow salt to ps all processes Salt needs to be able to list all processes to check if services are running policy/modules/contrib/salt.te | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policy/modules/contrib/salt.te b/policy/modules/contrib/salt.te index 970b183..4c76ecc 100644 --- a/policy/modules/contrib/salt.te +++ b/policy/modules/contrib/salt.te @@ -269,7 +269,7 @@ corenet_tcp_connect_salt_port(salt_minion_t) dev_read_sysfs(salt_minion_t) domain_dontaudit_exec_all_entry_files(salt_minion_t) -domain_dontaudit_search_all_domains_state(salt_minion_t) +domain_read_all_domains_state(salt_minion_t) files_manage_all_non_security_file_types(salt_minion_t)
