File tree Expand file tree Collapse file tree 2 files changed +6
-1
lines changed
Expand file tree Collapse file tree 2 files changed +6
-1
lines changed Original file line number Diff line number Diff line change @@ -65,6 +65,7 @@ require {
6565 type fixed_disk_device_t;
6666 type nvme_device_t;
6767 type udev_var_run_t;
68+ type cgroup_t;
6869}
6970
7071allow nginx_agent_t bin_t:file { execute execute_no_trans };
@@ -147,4 +148,8 @@ allow nginx_agent_t self:udp_socket { connect create getattr setopt };
147148allow nginx_agent_t fixed_disk_device_t:blk_file getattr;
148149allow nginx_agent_t nvme_device_t:blk_file getattr;
149150allow nginx_agent_t udev_var_run_t:dir search;
150- allow nginx_agent_t udev_var_run_t:file { getattr open read };
151+ allow nginx_agent_t udev_var_run_t:file { getattr open read };
152+
153+ # ============= nginx_agent_t ==============
154+ allow nginx_agent_t cgroup_t:dir search;
155+ allow nginx_agent_t cgroup_t:file { open read };
You can’t perform that action at this time.
0 commit comments