init: allow to access console-ramoops with newer kernels
Since linux 3.18, commit 68c4a4f8abc60c9440ede9cd123d48b78325f7a3 has been integrated and requires syslog_read capability a process accessing console-ramoops file. sepolicy must be adapted to this new requirement. Change-Id: Ib4032a6bd96b1828a0154edc8fb510e3c1d3bdc2 Signed-off-by: Sylvain Chouleur <sylvain.chouleur@intel.com>
This commit is contained in:
parent
be0616baf0
commit
9a28f90d6a
1
init.te
1
init.te
@ -266,6 +266,7 @@ allow init metadata_block_device:blk_file rw_file_perms;
|
||||
# by dm-verity detecting corrupted blocks
|
||||
allow init pstorefs:dir search;
|
||||
allow init pstorefs:file r_file_perms;
|
||||
allow init kernel:system syslog_read;
|
||||
|
||||
# linux keyring configuration
|
||||
allow init init:key { write search setattr };
|
||||
|
Loading…
Reference in New Issue
Block a user