init: allow to access console-ramoops with newer kernels Since linux 3.18, commit 68c4a4f8abc60c9440ede9cd123d48b78325f7a3 has been integrated and requires syslog_read capability a process accessing console-ramoops file. sepolicy must be adapted to this new requirement. Change-Id: Ib4032a6bd96b1828a0154edc8fb510e3c1d3bdc2 Signed-off-by: Sylvain Chouleur <sylvain.chouleur@intel.com>

commit: 9a28f90d6a36d3627ff525a6f3ac160039b27b5e [log] [tgz]
author: Sylvain Chouleur <sylvain.chouleur@intel.com> Wed Jan 27 16:27:23 2016 +0100
committer: Sylvain Chouleur <sylvain.chouleur@intel.com> Wed Jan 27 16:42:31 2016 +0100
tree: 39c776a78079d32a1cd6367698519478d99d9cc7
parent: be0616baf0c0caf8e1c8a4fdc9b488839f6af27d [diff]
diff --git a/init.te b/init.te
index 7346d9a..1baeeee 100644
--- a/init.te
+++ b/init.te

@@ -266,6 +266,7 @@
 # by dm-verity detecting corrupted blocks
 allow init pstorefs:dir search;
 allow init pstorefs:file r_file_perms;
+allow init kernel:system syslog_read;
 
 # linux keyring configuration
 allow init init:key { write search setattr };
commit	9a28f90d6a36d3627ff525a6f3ac160039b27b5e	[log] [tgz]
author	Sylvain Chouleur <sylvain.chouleur@intel.com>	Wed Jan 27 16:27:23 2016 +0100
committer	Sylvain Chouleur <sylvain.chouleur@intel.com>	Wed Jan 27 16:42:31 2016 +0100
tree	39c776a78079d32a1cd6367698519478d99d9cc7
parent	be0616baf0c0caf8e1c8a4fdc9b488839f6af27d [diff]