node_exporter: allow reading RPC sysctls

For NFS mounts. Signed-off-by: Kenton Groombridge <concord@gentoo.org> Signed-off-by: Jason Zaman <perfinion@gentoo.org>
author: Kenton Groombridge <concord@gentoo.org> 2024-06-27 14:22:19 -0400
committer: Jason Zaman <perfinion@gentoo.org> 2024-09-21 15:28:29 -0700
commit: 4f7c2ebc5da00db2582b5ea932d8da2acb9ea089 (patch)
tree: 81f0265b6f1b0a238c18500529ec6b2b495a286e
parent: asterisk: allow reading certbot lib (diff)
download: hardened-refpolicy-4f7c2ebc5da00db2582b5ea932d8da2acb9ea089.tar.gz
hardened-refpolicy-4f7c2ebc5da00db2582b5ea932d8da2acb9ea089.tar.bz2
hardened-refpolicy-4f7c2ebc5da00db2582b5ea932d8da2acb9ea089.zip
1 files changed, 1 insertions, 0 deletions
diff --git a/policy/modules/services/node_exporter.te b/policy/modules/services/node_exporter.te
index 68af70eab..2d5ed2978 100644
--- a/policy/modules/services/node_exporter.te
+++ b/policy/modules/services/node_exporter.te
@@ -59,6 +59,7 @@ kernel_read_fs_sysctls(node_exporter_t)
 kernel_read_kernel_sysctls(node_exporter_t)
 kernel_read_net_sysctls(node_exporter_t)
 kernel_read_network_state(node_exporter_t)
+kernel_read_rpc_sysctls(node_exporter_t)
 kernel_read_software_raid_state(node_exporter_t)
 kernel_read_system_state(node_exporter_t)
author	Kenton Groombridge <concord@gentoo.org>	2024-06-27 14:22:19 -0400
committer	Jason Zaman <perfinion@gentoo.org>	2024-09-21 15:28:29 -0700
commit	4f7c2ebc5da00db2582b5ea932d8da2acb9ea089 (patch)
tree	81f0265b6f1b0a238c18500529ec6b2b495a286e
parent	asterisk: allow reading certbot lib (diff)
download	hardened-refpolicy-4f7c2ebc5da00db2582b5ea932d8da2acb9ea089.tar.gz hardened-refpolicy-4f7c2ebc5da00db2582b5ea932d8da2acb9ea089.tar.bz2 hardened-refpolicy-4f7c2ebc5da00db2582b5ea932d8da2acb9ea089.zip