From eadf55a46c69bd5d6920fff03ae6c708ef7c1829 Mon Sep 17 00:00:00 2001
From: maminjie <maminjie1@huawei.com>
Date: Thu, 19 Nov 2020 10:27:55 +0800
Subject: [PATCH] Remove unsupported permission names

---
 selinux/openvswitch-custom.te.in | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/selinux/openvswitch-custom.te.in b/selinux/openvswitch-custom.te.in
index 2adaf23..b2c63ab 100644
--- a/selinux/openvswitch-custom.te.in
+++ b/selinux/openvswitch-custom.te.in
@@ -78,8 +78,8 @@ domtrans_pattern(openvswitch_t, openvswitch_load_module_exec_t, openvswitch_load
 
 #============= openvswitch_t ==============
 allow openvswitch_t self:capability { dac_override audit_write net_broadcast net_raw };
-allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay audit_write read write };
-allow openvswitch_t self:netlink_netfilter_socket { create nlmsg_relay audit_write read write };
+allow openvswitch_t self:netlink_audit_socket { create nlmsg_relay  read write };
+allow openvswitch_t self:netlink_netfilter_socket { create read write };
 @begin_dpdk@
 allow openvswitch_t self:netlink_rdma_socket { setopt bind create };
 @end_dpdk@
-- 
2.23.0