fine-grained policy for access to /proc/zoneinfo Change-Id: Ica9a16311075f5cc3744d0e0833ed876e201029f

commit: 7078e8b67a54629aa5b3b427bece3ade3760ff0d [log] [tgz]
author: Daniel Micay <danielmicay@gmail.com> Mon Aug 08 13:48:01 2016 -0400
committer: Daniel Micay <danielmicay@gmail.com> Mon Aug 08 13:48:01 2016 -0400
tree: ab81e82c5e4b10312d06a58f11386ed1462258e7
parent: 9cc3a580c55f2114a816a151d0df5134dce7fa8e [diff] [blame]
diff --git a/genfs_contexts b/genfs_contexts
index 57b967c..bb2fea9 100644
--- a/genfs_contexts
+++ b/genfs_contexts

@@ -31,6 +31,7 @@
 genfscon proc /timer_stats u:object_r:proc_timer:s0
 genfscon proc /uid_cputime/show_uid_stat u:object_r:proc_uid_cputime_showstat:s0
 genfscon proc /uid_cputime/remove_uid_range u:object_r:proc_uid_cputime_removeuid:s0
+genfscon proc /zoneinfo u:object_r:proc_zoneinfo:s0
 
 # selinuxfs booleans can be individually labeled.
 genfscon selinuxfs / u:object_r:selinuxfs:s0
commit	7078e8b67a54629aa5b3b427bece3ade3760ff0d	[log] [tgz]
author	Daniel Micay <danielmicay@gmail.com>	Mon Aug 08 13:48:01 2016 -0400
committer	Daniel Micay <danielmicay@gmail.com>	Mon Aug 08 13:48:01 2016 -0400
tree	ab81e82c5e4b10312d06a58f11386ed1462258e7
parent	9cc3a580c55f2114a816a151d0df5134dce7fa8e [diff] [blame]