commit: 226fa79c75ce0547a30a0058b2142ff783d62038 Author: Marc Schiffbauer <mschiff <AT> gentoo <DOT> org> AuthorDate: Tue Jun 24 15:55:27 2025 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Tue Jul 15 08:04:54 2025 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=226fa79c
iptables: let nft dev_read_urand Signed-off-by: Marc Schiffbauer <mschiff <AT> gentoo.org> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/system/iptables.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/system/iptables.te b/policy/modules/system/iptables.te index 0111c5ba9..7b0ef9df3 100644 --- a/policy/modules/system/iptables.te +++ b/policy/modules/system/iptables.te @@ -69,6 +69,7 @@ corecmd_exec_shell(iptables_t) corenet_relabelto_all_packets(iptables_t) corenet_dontaudit_rw_tun_tap_dev(iptables_t) +dev_read_urand(iptables_t) dev_read_sysfs(iptables_t) dev_dontaudit_write_mtrr(iptables_t)
