diff options
Diffstat (limited to 'policy/modules/services/kubernetes.te')
| -rw-r--r-- | policy/modules/services/kubernetes.te | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/policy/modules/services/kubernetes.te b/policy/modules/services/kubernetes.te index 58292de8..3ba66629 100644 --- a/policy/modules/services/kubernetes.te +++ b/policy/modules/services/kubernetes.te @@ -393,6 +393,7 @@ container_relabel_all_content(kubelet_t) container_manage_log_dirs(kubelet_t) container_manage_log_files(kubelet_t) container_manage_log_symlinks(kubelet_t) +container_watch_log_dirs(kubelet_t) container_watch_log_files(kubelet_t) container_log_filetrans(kubelet_t, { dir file }) @@ -617,6 +618,8 @@ userdom_use_user_terminals(kubectl_domain) # kubectl local policy # +kernel_dontaudit_getattr_proc(kubectl_t) + auth_use_nsswitch(kubectl_t) # not required, but convenient for using config commands |