Running iotop as sysadm_r
William
william at firstyear.id.au
Sun Apr 19 23:21:45 UTC 2015
> >
> > optional_policy(`
> > iotop_run(sysadm_t, sysadm_r)
> > ')
> Yes, this is correct way how to make it working.
> >
> > I think that i'm missing something related to the sysadm_r roles. What's
> > the correct way to edit the policy to allow sysadm_r to run iotop_t
> > correctly? Tips would be appreciated.
> >
> >
> It's about netlink_socket against netlink_route_socket. You need to also add
>
> allow iotop_t self:netlink_socket create_socket_perms;
>
> I added it to Fedora.
>
>
Thanks for looking into this. What's the commit link so I can have a
look at what you added?
--
William <william at firstyear.id.au>
More information about the selinux
mailing list