[selinux-policy: 2412/3172] Ssh key creation fix from Gentoo.
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 7 22:34:03 UTC 2010
commit d08a3df046cd628d2e5b8e0897b30aded1a6747f
Author: Chris PeBenito <pebenito at gentoo.org>
Date: Wed Feb 17 20:32:08 2010 -0500
Ssh key creation fix from Gentoo.
policy/modules/services/ssh.if | 3 ++-
policy/modules/services/ssh.te | 2 +-
2 files changed, 3 insertions(+), 2 deletions(-)
---
diff --git a/policy/modules/services/ssh.if b/policy/modules/services/ssh.if
index 7c79b4a..141ca93 100644
--- a/policy/modules/services/ssh.if
+++ b/policy/modules/services/ssh.if
@@ -183,7 +183,7 @@ template(`ssh_server_template', `
allow $1_t self:capability { kill sys_chroot sys_resource chown dac_override fowner fsetid setgid setuid sys_tty_config };
allow $1_t self:fifo_file rw_fifo_file_perms;
- allow $1_t self:process { signal getsched setsched setrlimit setexec };
+ allow $1_t self:process { signal getsched setsched setrlimit setexec setkeycreate };
allow $1_t self:tcp_socket create_stream_socket_perms;
allow $1_t self:udp_socket create_socket_perms;
# ssh agent connections:
@@ -242,6 +242,7 @@ template(`ssh_server_template', `
miscfiles_read_localization($1_t)
+ userdom_create_all_users_keys($1_t)
userdom_dontaudit_relabelfrom_user_ptys($1_t)
userdom_search_user_home_dirs($1_t)
diff --git a/policy/modules/services/ssh.te b/policy/modules/services/ssh.te
index b42ec01..d44327b 100644
--- a/policy/modules/services/ssh.te
+++ b/policy/modules/services/ssh.te
@@ -1,5 +1,5 @@
-policy_module(ssh, 2.1.1)
+policy_module(ssh, 2.1.2)
########################################
#
More information about the scm-commits
mailing list