mirror of
https://github.com/Icinga/icinga2.git
synced 2026-04-22 06:36:58 -04:00
Merge pull request #10726 from Icinga/selinux-getattr-fix
Some checks failed
Container Image / Container Image (push) Has been cancelled
Linux / alpine:bash (push) Has been cancelled
Linux / amazonlinux:2 (push) Has been cancelled
Linux / amazonlinux:2023 (push) Has been cancelled
Linux / debian:11 (linux/386) (push) Has been cancelled
Linux / debian:11 (push) Has been cancelled
Linux / debian:12 (linux/386) (push) Has been cancelled
Linux / debian:12 (push) Has been cancelled
Linux / debian:13 (push) Has been cancelled
Linux / fedora:41 (push) Has been cancelled
Linux / fedora:42 (push) Has been cancelled
Linux / fedora:43 (push) Has been cancelled
Linux / opensuse/leap:15.6 (push) Has been cancelled
Linux / opensuse/leap:16.0 (push) Has been cancelled
Linux / registry.suse.com/bci/bci-base:16.0 (push) Has been cancelled
Linux / registry.suse.com/suse/sle15:15.6 (push) Has been cancelled
Linux / registry.suse.com/suse/sle15:15.7 (push) Has been cancelled
Linux / rockylinux/rockylinux:10 (push) Has been cancelled
Linux / rockylinux:8 (push) Has been cancelled
Linux / rockylinux:9 (push) Has been cancelled
Linux / ubuntu:22.04 (push) Has been cancelled
Linux / ubuntu:24.04 (push) Has been cancelled
Linux / ubuntu:25.04 (push) Has been cancelled
Linux / ubuntu:25.10 (push) Has been cancelled
Windows / Windows (push) Has been cancelled
Some checks failed
Container Image / Container Image (push) Has been cancelled
Linux / alpine:bash (push) Has been cancelled
Linux / amazonlinux:2 (push) Has been cancelled
Linux / amazonlinux:2023 (push) Has been cancelled
Linux / debian:11 (linux/386) (push) Has been cancelled
Linux / debian:11 (push) Has been cancelled
Linux / debian:12 (linux/386) (push) Has been cancelled
Linux / debian:12 (push) Has been cancelled
Linux / debian:13 (push) Has been cancelled
Linux / fedora:41 (push) Has been cancelled
Linux / fedora:42 (push) Has been cancelled
Linux / fedora:43 (push) Has been cancelled
Linux / opensuse/leap:15.6 (push) Has been cancelled
Linux / opensuse/leap:16.0 (push) Has been cancelled
Linux / registry.suse.com/bci/bci-base:16.0 (push) Has been cancelled
Linux / registry.suse.com/suse/sle15:15.6 (push) Has been cancelled
Linux / registry.suse.com/suse/sle15:15.7 (push) Has been cancelled
Linux / rockylinux/rockylinux:10 (push) Has been cancelled
Linux / rockylinux:8 (push) Has been cancelled
Linux / rockylinux:9 (push) Has been cancelled
Linux / ubuntu:22.04 (push) Has been cancelled
Linux / ubuntu:24.04 (push) Has been cancelled
Linux / ubuntu:25.04 (push) Has been cancelled
Linux / ubuntu:25.10 (push) Has been cancelled
Windows / Windows (push) Has been cancelled
SELinux: allow to query attrs of a filesystem
This commit is contained in:
commit
e449feca8d
1 changed files with 7 additions and 0 deletions
|
|
@ -151,6 +151,13 @@ kernel_read_system_state(icinga2_t)
|
|||
kernel_read_network_state(icinga2_t)
|
||||
kernel_dgram_send(icinga2_t)
|
||||
|
||||
# On some Linux distributions, boost::filesystem::copy_file emits a `fstatfs` syscall to query the filesystem metadata
|
||||
# to determine if it can use `copy_file_range` or if it needs to fall back to a read/write loop. Denying this syscall
|
||||
# does not cause any functional issues, as the fallback logic is also used in case of EACCES, but it prevents the use
|
||||
# of `copy_file_range` which can lead to significant performance improvements when copying large files.
|
||||
# For more details see https://github.com/Icinga/icinga2/issues/10711.
|
||||
fs_getattr_xattr_fs(icinga2_t)
|
||||
|
||||
# should be moved to nagios_plugin_template in nagios.if
|
||||
icinga2_execstrans(nagios_admin_plugin_exec_t, nagios_admin_plugin_t)
|
||||
icinga2_execstrans(nagios_checkdisk_plugin_exec_t, nagios_checkdisk_plugin_t)
|
||||
|
|
|
|||
Loading…
Reference in a new issue