SELinux Policy: let custodia_t map custodia_tmp_t

This is used by the JVM perf counters.

Related: https://pagure.io/freeipa/issue/8488
Signed-off-by: François Cami <fcami@redhat.com>
Reviewed-By: Alexander Bokovoy <abokovoy@redhat.com>
Reviewed-By: Christian Heimes <cheimes@redhat.com>
Reviewed-By: Rob Crittenden <rcritten@redhat.com>
Reviewed-By: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-By: Lukas Vrabec <lvrabec@redhat.com>
Reviewed-By: Zdenek Pytela <zpytela@redhat.com>
Reviewed-By: Thomas Woerner <twoerner@redhat.com>
This commit is contained in:
François Cami 2020-09-18 17:45:39 +02:00
parent 7823da0630
commit ea9db4a903

View File

@ -347,6 +347,7 @@ logging_log_filetrans(ipa_custodia_t, ipa_custodia_log_t, { dir file })
manage_dirs_pattern(ipa_custodia_t, ipa_custodia_tmp_t, ipa_custodia_tmp_t)
manage_files_pattern(ipa_custodia_t, ipa_custodia_tmp_t, ipa_custodia_tmp_t)
mmap_exec_files_pattern(ipa_custodia_t, ipa_custodia_tmp_t, ipa_custodia_tmp_t)
files_tmp_filetrans(ipa_custodia_t, ipa_custodia_tmp_t, { dir file })
kernel_dgram_send(ipa_custodia_t)