From 105612f230e430ed3f9ed39c880c9de2c330b7e0 Mon Sep 17 00:00:00 2001 From: xujie Date: Thu, 25 May 2023 22:33:06 +0800 Subject: [PATCH] =?UTF-8?q?=E4=BF=AE=E6=94=B9dhcp-netsys=E4=B8=8B=E6=B2=89?= =?UTF-8?q?selinux=E6=9D=83=E9=99=90?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: xujie --- .../communication/netmanager/system/netsysnative.te | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/sepolicy/ohos_policy/communication/netmanager/system/netsysnative.te b/sepolicy/ohos_policy/communication/netmanager/system/netsysnative.te index b9f23ecdf..844036ac0 100644 --- a/sepolicy/ohos_policy/communication/netmanager/system/netsysnative.te +++ b/sepolicy/ohos_policy/communication/netmanager/system/netsysnative.te @@ -38,11 +38,14 @@ allow netsysnative netsysnative:netlink_kobject_uevent_socket { listen }; allow netsysnative system_bin_file:lnk_file { read }; allow netsysnative accessibility_param:file { read open map }; allow netsysnative data_service_file:dir { search }; -allow netsysnative data_service_el1_file:dir { search write add_name }; -allow netsysnative data_service_el1_file:file { create write open ioctl read }; +allow netsysnative data_service_el1_file:dir { search write add_name create remove_name }; +allow netsysnative data_service_el1_file:file { create write open ioctl read getattr setattr unlink lock }; allow netsysnative fwmark_service:sock_file { create unlink setattr write }; allow netsysnative dnsproxy_service:sock_file { create unlink setattr }; allow netsysnative netsysnative:process { setfscreate }; +allow netsysnative netsysnative:packet_socket { create bind write read }; +allow netsysnative sa_foundation_cesfwk_service:samgr_class { get }; +allow netsysnative foundation:binder { call transfer }; allow netsysnative normal_hap_attr:fd { use }; allow netsysnative normal_hap_attr:tcp_socket { read write getopt setopt }; allow netsysnative normal_hap_attr:unix_dgram_socket { read write getopt setopt }; -- Gitee