veux: sepolicy: Allow system_app to access zram sysfs nodes

04-22 09:15:37.459 19569 19569 I auditd : type=1400 audit(0.0:570): avc: denied { search } for comm="pool-2-thread-1" name="zram0" dev="sysfs" ino=48559 scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_zram:s0 tclass=dir permissive=0 04-22 09:15:37.459 19569 19569 I auditd : type=1400 audit(0.0:571): avc: denied { search } for comm="pool-2-thread-1" name="zram0" dev="sysfs" ino=48559 scontext=u:r:system_app:s0 tcontext=u:object_r:sysfs_zram:s0 tclass=dir permissive=0
author: Ivan Vecera <ivan@cera.cz> 2022-03-23 10:57:42 -0300
committer: sinanmohd <pcmsinan@gmail.com> 2023-01-05 21:30:23 +0530
commit: 1daa2bf03465c0b8e5279b89a2303f9aa6937079 (patch)
tree: 2e0415fdd8a4ebb3b4e7bdd24d1613eeda4ee4dd /sepolicy
parent: a99906babb724e71029e014d38ed4b394637d3ce (diff)
1 files changed, 2 insertions, 0 deletions
diff --git a/sepolicy/private/system_app.te b/sepolicy/private/system_app.te
new file mode 100644
index 0000000..5ce4031
--- /dev/null
+++ b/sepolicy/private/system_app.te
@@ -0,0 +1,2 @@
+allow system_app sysfs_zram:dir search;
+allow system_app sysfs_zram:file r_file_perms;
+\ No newline at end of file
author	Ivan Vecera <ivan@cera.cz>	2022-03-23 10:57:42 -0300
committer	sinanmohd <pcmsinan@gmail.com>	2023-01-05 21:30:23 +0530
commit	1daa2bf03465c0b8e5279b89a2303f9aa6937079 (patch)
tree	2e0415fdd8a4ebb3b4e7bdd24d1613eeda4ee4dd /sepolicy
parent	a99906babb724e71029e014d38ed4b394637d3ce (diff)