diff --git a/linux_health.te b/linux_health.te index 4d755f42369a9bbf9fb8184d5b42d1ca1e43e20c..968d0794120056b299d166cb31573706b02354b5 100644 --- a/linux_health.te +++ b/linux_health.te @@ -1,13 +1,15 @@ -module linux_health 1.0; +module linux_health 1.1; require { type snmpd_t; type root_t; class file { setattr read create getattr write ioctl unlink open }; class dir { write remove_name add_name }; + class capability dac_override; } #============= snmpd_t ============== allow snmpd_t root_t:dir { write remove_name add_name }; allow snmpd_t root_t:file { setattr read create ioctl write getattr unlink open }; +allow snmpd_t self:capability dac_override;