Skip to content

Commit

Permalink
systemd: add networkd rules required at least since version 256
Browse files Browse the repository at this point in the history
systemd-network-generator.service unit fails without:
  fs_list_tmpfs(systemd_networkd_t)

allow rw to
/sys/fs/cgroup/system.slice/systemd-networkd.service/memory.pressure
  fs_rw_cgroup_files(systemd_networkd_t)

Signed-off-by: Marc Schiffbauer <[email protected]>
  • Loading branch information
mschiff committed Nov 26, 2024
1 parent d5d2995 commit a37bce2
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions policy/modules/system/systemd.te
Original file line number Diff line number Diff line change
Expand Up @@ -1323,6 +1323,8 @@ fs_getattr_all_fs(systemd_networkd_t)
fs_search_cgroup_dirs(systemd_networkd_t)
fs_read_nsfs_files(systemd_networkd_t)
fs_watch_memory_pressure(systemd_networkd_t)
fs_list_tmpfs(systemd_networkd_t)
fs_rw_cgroup_files(systemd_networkd_t)

auth_use_nsswitch(systemd_networkd_t)

Expand Down

0 comments on commit a37bce2

Please sign in to comment.