allow modprobe to load signed kernel modules
Modprobe requires this permission or the following denial will
prevent loading of signed kernel modules:
audit: type=1400 audit(27331649.656:4): avc: denied { search } for
pid=448 comm="modprobe" scontext=u:r:modprobe:s0 tcontext=u:r:kernel:s0
tclass=key permissive=0
Bug: 62256697
Test: Verified signed module loading on sailfish.
Change-Id: Idde41d1ab58e760398190d6686665a252f1823bb
This commit is contained in:
Steve Muckle
parent
d2b3a4543a
commit
53add31a25
1 changed files with 1 additions and 0 deletions
|
|
@ -2,6 +2,7 @@ type modprobe, domain;
|
|||
|
||||
allow modprobe proc_modules:file r_file_perms;
|
||||
allow modprobe self:capability sys_module;
|
||||
allow modprobe kernel:key search;
|
||||
recovery_only(`
|
||||
allow modprobe rootfs:system module_load;
|
||||
allow modprobe rootfs:file r_file_perms;
|
||||
|
|
|
|||
Loading…
Reference in a new issue