From b300765095d05ecb40e23b262183dab6756810f0 Mon Sep 17 00:00:00 2001
From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Tue, 13 May 2014 08:24:38 -0400
Subject: [PATCH] Allow ppp to inherit/use mtp unix datagram socket.

Resolves denials such as:
avc:  denied  { read write } for  path="socket:[33571]" dev="sockfs" ino=33571 scontext=u:r:ppp:s0 tcontext=u:r:mtp:s0 tclass=unix_dgram_socket

Change-Id: Icb1ee00d8513179039bfb738647f49480e836f25
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
---
 ppp.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ppp.te b/ppp.te
index bcab33909..fb8641aa4 100644
--- a/ppp.te
+++ b/ppp.te
@@ -8,6 +8,7 @@ domain_auto_trans(mtp, ppp_exec, ppp)
 net_domain(ppp)
 
 allow ppp mtp:socket rw_socket_perms;
+allow ppp mtp:unix_dgram_socket rw_socket_perms;
 allow ppp ppp_device:chr_file rw_file_perms;
 allow ppp self:capability net_admin;
 allow ppp system_file:file rx_file_perms;
-- 
GitLab