From mboxrd@z Thu Jan  1 00:00:00 1970
From: cpebenito@tresys.com (Christopher J. PeBenito)
Date: Thu, 26 Sep 2013 08:55:28 -0400
Subject: [refpolicy] [PATCH 06/20] logging: syslog (rs:main Q:Reg)
 reading sysctl_vm files (overcommit_memory) in Debian
In-Reply-To: <1380029965-25066-1-git-send-email-dominick.grift@gmail.com>
References: <1380029965-25066-1-git-send-email-dominick.grift@gmail.com>
Message-ID: <52442EC0.5000507@tresys.com>
To: refpolicy@oss.tresys.com
List-Id: refpolicy.oss.tresys.com

On Tue 24 Sep 2013 09:39:25 AM EDT, Dominick Grift wrote:
> Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
> ---
>  policy/modules/system/logging.te | 1 +
>  1 file changed, 1 insertion(+)
>
> diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te
> index 87e3db2..9b450c7 100644
> --- a/policy/modules/system/logging.te
> +++ b/policy/modules/system/logging.te
> @@ -402,6 +402,7 @@ kernel_read_kernel_sysctls(syslogd_t)
>  kernel_read_proc_symlinks(syslogd_t)
>  # Allow access to /proc/kmsg for syslog-ng
>  kernel_read_messages(syslogd_t)
> +kernel_read_vm_sysctls(syslogd_t)
>  kernel_clear_ring_buffer(syslogd_t)
>  kernel_change_ring_buffer_level(syslogd_t)

Merged.

--
Chris PeBenito
Tresys Technology, LLC
www.tresys.com | oss.tresys.com