diff options
Diffstat (limited to 'policy/modules/services/container.te')
| -rw-r--r-- | policy/modules/services/container.te | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/services/container.te b/policy/modules/services/container.te index 68aa97ae5..095308a13 100644 --- a/policy/modules/services/container.te +++ b/policy/modules/services/container.te @@ -982,6 +982,7 @@ allow spc_t self:alg_socket create_stream_socket_perms; allow spc_t self:netlink_audit_socket { create_netlink_socket_perms nlmsg_relay }; allow spc_t self:netlink_generic_socket create_socket_perms; allow spc_t self:netlink_netfilter_socket create_socket_perms; +allow spc_t self:netlink_tcpdiag_socket nlmsg_read; allow spc_t self:netlink_xfrm_socket create_netlink_socket_perms; allow spc_t self:perf_event { cpu kernel open read }; |