From: Linda K. <lin...@hp...> - 2011-11-23 22:23:34
|
This seems to be needed for the local ipsec udp tests, although they still don't work. Signed-off-by: Linda Knippers <lin...@hp...> --- audit/utils/selinux-policy/lspp_test.te | 5 ++++- 1 files changed, 4 insertions(+), 1 deletions(-) diff --git a/audit/utils/selinux-policy/lspp_test.te b/audit/utils/selinux-policy/lspp_test.te index 6aaf8ff..5532cc4 100644 --- a/audit/utils/selinux-policy/lspp_test.te +++ b/audit/utils/selinux-policy/lspp_test.te @@ -32,7 +32,7 @@ define(`ROLES_ALL',`sysadm_r secadm_r auditadm_r staff_r') # the policy_module() and gen_require() statements. # -policy_module(lspp_test,6.3.12) +policy_module(lspp_test,6.3.13) # we really shouldn't be accessing these policy constructs directly but there # isn't always a policy interface available for what we want to do, so just @@ -396,6 +396,9 @@ allow ipsec_t lspp_harness_t:association setcontext; allow ipsec_t ipsec_spd_t:association setcontext; allow ipsec_t lspp_test_ipsec_t:association setcontext; +# needed for ip commands that get initiated during tests +allow ifconfig_t lspp_test_ipsec_t:association setcontext; + # needed for cron tests - this may be temporary as if these # are really needed, they're probably needed in the mls policy allow crond_t cronjob_t:key create; -- 1.7.4.4 |