File tree Expand file tree Collapse file tree 1 file changed +7
-4
lines changed Expand file tree Collapse file tree 1 file changed +7
-4
lines changed Original file line number Diff line number Diff line change @@ -4,12 +4,15 @@ require {
44 type logrotate_t;
55 type container_runtime_exec_t;
66 type usr_t;
7+ type container_var_run_t;
8+ type sysctl_net_t;
79 class file { read open getattr append execute execute_no_trans map };
10+ class sock_file write;
11+ class dir search;
812}
913
1014# ============= logrotate_t ==============
11-
12- allow logrotate_t container_runtime_exec_t:file { read open getattr };
13- allow logrotate_t container_runtime_exec_t:file { execute execute_no_trans };
14- allow logrotate_t container_runtime_exec_t:file map;
15+ allow logrotate_t container_runtime_exec_t:file { read open getattr execute execute_no_trans map };
1516allow logrotate_t usr_t:file append;
17+ allow logrotate_t container_var_run_t:sock_file write;
18+ allow logrotate_t sysctl_net_t:dir search;
You can’t perform that action at this time.
0 commit comments