From a672fbbb107afe2529f68b4c4ad8841d97c5ddb2 Mon Sep 17 00:00:00 2001 From: Michal Schorm Date: Sat, 18 Nov 2023 13:05:06 +0100 Subject: [PATCH] 2nd attempt to fix rhbz#2186996 rhbz#2221433 rhbz#2245705 I verified the policy compiles successfuly in Fedora before pushing --- mysql.te | 3 +++ 1 file changed, 3 insertions(+) diff --git a/mysql.te b/mysql.te index 610c052..656d4f9 100644 --- a/mysql.te +++ b/mysql.te @@ -76,6 +76,9 @@ allow mysqld_t self:unix_stream_socket create_stream_socket_perms; allow mysqld_t self:tcp_socket create_stream_socket_perms; allow mysqld_t self:udp_socket create_socket_perms; +kernel_read_network_state(mysqld_t) +kernel_read_net_sysctls(mysqld_t) + manage_dirs_pattern(mysqld_t, mysqld_db_t, mysqld_db_t) manage_files_pattern(mysqld_t, mysqld_db_t, mysqld_db_t) manage_sock_files_pattern(mysqld_t, mysqld_db_t, mysqld_db_t)