commit: 6fb72529ded07f6b66c6c103c3ecd01644d39ed2 Author: Kenton Groombridge <concord <AT> gentoo <DOT> org> AuthorDate: Mon Jun 30 23:44:38 2025 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Tue Jul 15 08:04:54 2025 +0000 URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=6fb72529
matrixd: allow sending signals to itself This is to support sending SIGHUP via 'systemctl reload'. Signed-off-by: Kenton Groombridge <concord <AT> gentoo.org> Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org> policy/modules/services/matrixd.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/services/matrixd.te b/policy/modules/services/matrixd.te index 216f0d536..52396b877 100644 --- a/policy/modules/services/matrixd.te +++ b/policy/modules/services/matrixd.te @@ -51,6 +51,7 @@ files_type(matrixd_var_t) # Local policy # +allow matrixd_t self:process signal; allow matrixd_t self:fifo_file rw_fifo_file_perms; allow matrixd_t self:tcp_socket create_stream_socket_perms; allow matrixd_t self:netlink_route_socket r_netlink_socket_perms;
