diff options
Diffstat (limited to 'src/core/namespace.c')
| -rw-r--r-- | src/core/namespace.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/core/namespace.c b/src/core/namespace.c index 05175e9552..3eb171c702 100644 --- a/src/core/namespace.c +++ b/src/core/namespace.c @@ -100,6 +100,7 @@ static const MountEntry protect_kernel_tunables_table[] = { { "/sys/kernel/debug", READONLY, true }, { "/sys/kernel/tracing", READONLY, true }, { "/sys/fs/cgroup", READWRITE, false }, /* READONLY is set by ProtectControlGroups= option */ + { "/sys/fs/selinux", READWRITE, true }, }; /* ProtectKernelModules= option */ |