From dfd68800716bed644f9969a1194276dce936c09d Mon Sep 17 00:00:00 2001
From: Boris Ranto <branto@redhat.com>
Date: Mon, 13 Mar 2017 17:51:45 +0100
Subject: [PATCH] selinux: Allow ceph daemons to read net stats

Fixes: http://tracker.ceph.com/issues/19254

Signed-off-by: Boris Ranto <branto@redhat.com>
---
 selinux/ceph.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/selinux/ceph.te b/selinux/ceph.te
index 4eab40d8fc56b..5c6bb8ea29ff1 100644
--- a/selinux/ceph.te
+++ b/selinux/ceph.te
@@ -58,6 +58,7 @@ manage_files_pattern(ceph_t, ceph_var_run_t, ceph_var_run_t)
 manage_lnk_files_pattern(ceph_t, ceph_var_run_t, ceph_var_run_t)
 
 kernel_read_system_state(ceph_t)
+kernel_read_network_state(ceph_t)
 
 corenet_all_recvfrom_unlabeled(ceph_t)
 corenet_all_recvfrom_netlabel(ceph_t)
-- 
2.47.3