commit: b649a2b3c92b17613faaf013a03357399095059e Author: Jason Zaman <jason <AT> perfinion <DOT> com> AuthorDate: Mon Feb 9 17:17:40 2015 +0000 Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> CommitDate: Mon Feb 9 17:17:40 2015 +0000 URL: http://sources.gentoo.org/gitweb/?p=proj/hardened-refpolicy.git;a=commit;h=b649a2b3
salt: allow salt to ps all processes Salt needs to be able to list all processes to check if services are running --- policy/modules/contrib/salt.te | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/policy/modules/contrib/salt.te b/policy/modules/contrib/salt.te index 970b183..4c76ecc 100644 --- a/policy/modules/contrib/salt.te +++ b/policy/modules/contrib/salt.te @@ -269,7 +269,7 @@ corenet_tcp_connect_salt_port(salt_minion_t) dev_read_sysfs(salt_minion_t) domain_dontaudit_exec_all_entry_files(salt_minion_t) -domain_dontaudit_search_all_domains_state(salt_minion_t) +domain_read_all_domains_state(salt_minion_t) files_manage_all_non_security_file_types(salt_minion_t)
