Last active
January 20, 2017 17:50
-
-
Save gorozco1/0e28abb6b8d20939ba2f842a14ac9053 to your computer and use it in GitHub Desktop.
selinux module to allow cc-proxy to run
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| cc-proxy.te | |
| module cc-proxy 1.0; | |
| require { | |
| type init_t; | |
| type unconfined_service_t; | |
| class unix_stream_socket { bind create listen setopt }; | |
| } | |
| #============= init_t ============== | |
| allow init_t unconfined_service_t:unix_stream_socket listen; | |
| #!!!! This avc is allowed in the current policy | |
| allow init_t unconfined_service_t:unix_stream_socket { bind create setopt }; | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment