Written by: Martin Orr

Allow wpa_supplicant to create generic netlink sockets.
This is needed for the nl80211 driver.

type=SYSCALL msg=audit(1302960146.848:29): arch=c000003e syscall=41 success=no exit=-13 a0=10 a1=3 a2=10 a3=0 items=0 ppid=8551 pid=8555 auid=4294967295 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts4 ses=4294967295 comm="wpa_supplicant" exe="/sbin/wpa_supplicant" subj=system_u:system_r:NetworkManager_t:s0 key=(null)
type=AVC msg=audit(1302960146.848:29): avc:  denied  { create } for  pid=8555 comm="wpa_supplicant" scontext=system_u:system_r:NetworkManager_t:s0 tcontext=system_u:system_r:NetworkManager_t:s0 tclass=netlink_socket

Index: policy/modules/services/networkmanager.te
===================================================================
--- policy/modules/services/networkmanager.te.orig
+++ policy/modules/services/networkmanager.te
@@ -41,6 +41,7 @@
 allow NetworkManager_t self:fifo_file rw_fifo_file_perms;
 allow NetworkManager_t self:unix_dgram_socket { sendto create_socket_perms };
 allow NetworkManager_t self:unix_stream_socket create_stream_socket_perms;
+allow NetworkManager_t self:netlink_socket create_socket_perms;
 allow NetworkManager_t self:netlink_route_socket create_netlink_socket_perms;
 allow NetworkManager_t self:netlink_kobject_uevent_socket create_socket_perms;
 allow NetworkManager_t self:tcp_socket create_stream_socket_perms;