Allow systemd-ssh-generator to load net-pf-40 #2329
Closed
Commits on Aug 28, 2024
-
Allow systemd-ssh-generator to load net-pf-40
see: https://www.freedesktop.org/software/systemd/man/devel/systemd-ssh-generator.html "systemd-ssh-generator binds a socket-activated SSH server to local AF_VSOCK" and modinfo suggests net-pf-40 to be the kernel modules for virtual sockets Fixes: > Aug 22 05:17:20 localhost kernel: audit: type=1400 audit(1724303839.663:5): avc: denied { module_request } for pid=593 comm="systemd-ssh-gen" kmod="net-pf-40" scontext=system_u:system_r:systemd_ssh_generator_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=system permissive=0 Signed-off-by: Cathy Hu <[email protected]>
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.