2018-11-28 09:55:02 +01:00
|
|
|
Index: refpolicy/policy/modules/admin/usermanage.te
|
2018-11-27 10:16:35 +01:00
|
|
|
===================================================================
|
2019-02-05 11:31:52 +01:00
|
|
|
--- refpolicy.orig/policy/modules/admin/usermanage.te 2019-02-01 21:03:42.000000000 +0100
|
|
|
|
+++ refpolicy/policy/modules/admin/usermanage.te 2019-02-04 09:51:12.007425927 +0100
|
2018-11-28 09:55:02 +01:00
|
|
|
@@ -251,6 +251,9 @@ userdom_use_unpriv_users_fds(groupadd_t)
|
2018-11-27 10:16:35 +01:00
|
|
|
# for when /root is the cwd
|
|
|
|
userdom_dontaudit_search_user_home_dirs(groupadd_t)
|
|
|
|
|
|
|
|
+allow groupadd_t self:netlink_selinux_socket { create bind };
|
|
|
|
+allow groupadd_t var_run_t:sock_file write;
|
|
|
|
+
|
|
|
|
optional_policy(`
|
2019-02-05 11:31:52 +01:00
|
|
|
apt_use_fds(groupadd_t)
|
|
|
|
')
|
|
|
|
@@ -570,6 +573,9 @@ optional_policy(`
|
2018-11-28 09:55:02 +01:00
|
|
|
puppet_rw_tmp(useradd_t)
|
|
|
|
')
|
2018-11-27 10:16:35 +01:00
|
|
|
|
|
|
|
+allow useradd_t var_run_t:sock_file write;
|
|
|
|
+selinux_compute_access_vector(useradd_t)
|
|
|
|
+
|
|
|
|
optional_policy(`
|
2018-11-28 09:55:02 +01:00
|
|
|
tunable_policy(`samba_domain_controller',`
|
|
|
|
samba_append_log(useradd_t)
|