Accepting request 922219 from home:ematsumiya:branches:security:SELinux

- Fix auditd service start with systemd hardening directives (boo#1190918) * add fix_auditd.patch OBS-URL: https://build.opensuse.org/request/show/922219 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=120
2021-09-30 06:48:59 +00:00 · 2021-09-30 06:48:59 +00:00 · 569b406914
commit 569b406914
parent 23c83e5de5
3 changed files with 17 additions and 0 deletions
--- a/fix_auditd.patch
+++ b/fix_auditd.patch
@ -0,0 +1,10 @@
+--- a/policy/modules/system/logging.if
+++ b/policy/modules/system/logging.if
+@@ -430,6 +430,7 @@ interface(`logging_manage_audit_config',
+ 
+ 	files_search_etc($1)
+ 	manage_files_pattern($1, auditd_etc_t, auditd_etc_t)
+	allow $1 auditd_etc_t:dir mounton;
+ ')
+ 
+ ########################################
--- a/selinux-policy.changes
+++ b/selinux-policy.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Tue Sep 28 12:44:22 UTC 2021 - Enzo Matsumiya <ematsumiya@suse.com>
+
+- Fix auditd service start with systemd hardening directives (boo#1190918)
+  * add fix_auditd.patch
+
 -------------------------------------------------------------------
 Thu Sep  2 08:45:24 UTC 2021 - Johannes Segitz <jsegitz@suse.com>

--- a/selinux-policy.spec
+++ b/selinux-policy.spec
@ -136,6 +136,7 @@ Patch052:       fix_cockpit.patch
 Patch053:       fix_systemd_watch.patch
 # kernel specific sysctl.conf (boo#1184804)
 Patch054:       fix_kernel_sysctl.patch
+Patch055:       fix_auditd.patch

 Patch100:       sedoctool.patch