[selinux-policy/f16] Allow systemd_passwd to talk to sock_files in systemd_passwd_var_run_t directories
Daniel J Walsh
dwalsh at fedoraproject.org
Thu Oct 20 20:12:13 UTC 2011
commit 04b40f11a02053b76a93e4e60a6de72035b556d2
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Oct 20 16:12:09 2011 -0400
Allow systemd_passwd to talk to sock_files in systemd_passwd_var_run_t directories
policy-systemd-passwd.patch | 12 ++++++++++++
selinux-policy.spec | 7 ++++++-
2 files changed, 18 insertions(+), 1 deletions(-)
---
diff --git a/policy-systemd-passwd.patch b/policy-systemd-passwd.patch
new file mode 100644
index 0000000..6c43a60
--- /dev/null
+++ b/policy-systemd-passwd.patch
@@ -0,0 +1,12 @@
+diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
+index 1449552..a84b8e7 100644
+--- a/policy/modules/system/systemd.te
++++ b/policy/modules/system/systemd.te
+@@ -151,6 +151,7 @@ allow systemd_passwd_agent_t self:unix_dgram_socket create_socket_perms;
+
+ manage_dirs_pattern(systemd_passwd_agent_t, systemd_passwd_var_run_t, systemd_passwd_var_run_t);
+ manage_files_pattern(systemd_passwd_agent_t, systemd_passwd_var_run_t, systemd_passwd_var_run_t);
++manage_sock_files_pattern(systemd_passwd_agent_t, systemd_passwd_var_run_t, systemd_passwd_var_run_t);
+ manage_fifo_files_pattern(systemd_passwd_agent_t, systemd_passwd_var_run_t, systemd_passwd_var_run_t);
+ init_pid_filetrans(systemd_passwd_agent_t, systemd_passwd_var_run_t, { dir fifo_file file })
+
diff --git a/selinux-policy.spec b/selinux-policy.spec
index e8ddadd..f1578a4 100644
--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@@ -17,11 +17,12 @@
Summary: SELinux policy configuration
Name: selinux-policy
Version: 3.10.0
-Release: 45%{?dist}
+Release: 45.1%{?dist}
License: GPLv2+
Group: System Environment/Base
Source: serefpolicy-%{version}.tgz
patch: policy-F16.patch
+patch1: policy-systemd-passwd.patch
Source1: modules-targeted.conf
Source2: booleans-targeted.conf
Source3: Makefile.devel
@@ -235,6 +236,7 @@ Based off of reference policy: Checked out revision 2.20091117
%prep
%setup -n serefpolicy-%{version} -q
%patch -p1
+%patch1 -p1
%install
mkdir selinux_config
@@ -466,6 +468,9 @@ SELinux Reference policy mls base module.
%endif
%changelog
+* Thu Oct 20 2011 Dan Walsh <dwalsh at redhat.com> 3.10.0-45.1
+- Allow systemd_passwd to talk to sock_files in systemd_passwd_var_run_t directories
+
* Thu Oct 20 2011 Miroslav Grepl <mgrepl at redhat.com> 3.10.0-45
- Remove tzdata policy
More information about the scm-commits
mailing list