From e49e0ad89ec418cc13420e25bf92ccf47aeb4f4a Mon Sep 17 00:00:00 2001 From: Kenton Groombridge Date: Thu, 27 Jun 2024 13:18:45 -0400 Subject: netutils: allow ping to read net sysctls ping will check whether IPv6 is disabled. Signed-off-by: Kenton Groombridge Signed-off-by: Jason Zaman --- policy/modules/admin/netutils.te | 1 + 1 file changed, 1 insertion(+) diff --git a/policy/modules/admin/netutils.te b/policy/modules/admin/netutils.te index a19369e96..63d2f9cb8 100644 --- a/policy/modules/admin/netutils.te +++ b/policy/modules/admin/netutils.te @@ -135,6 +135,7 @@ domain_use_interactive_fds(ping_t) files_read_etc_files(ping_t) +kernel_read_net_sysctls(ping_t) kernel_read_system_state(ping_t) auth_use_nsswitch(ping_t) -- cgit v1.2.3-65-gdbad