Accepting request 1007013 from home:jsegitz:branches:security:SELinux

chrony helper script has proper label to be used by NetworkManager.
  Also allow NetworkManager_dispatcher_custom_t to query systemd status

OBS-URL: https://build.opensuse.org/request/show/1007013
OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=148

fix_networkmanager.patch

@@ -36,6 +36,14 @@ Index: fedora-policy-20220714/policy/modules/contrib/networkmanager.te
  ')
  
  optional_policy(`
+@@ -602,6 +615,7 @@ files_manage_etc_files(NetworkManager_di
+ 
+ init_status(NetworkManager_dispatcher_cloud_t)
+ init_status(NetworkManager_dispatcher_ddclient_t)
++init_status(NetworkManager_dispatcher_custom_t)
+ init_append_stream_sockets(networkmanager_dispatcher_plugin)
+ init_ioctl_stream_sockets(networkmanager_dispatcher_plugin)
+ init_stream_connect(networkmanager_dispatcher_plugin)
 Index: fedora-policy-20220714/policy/modules/contrib/networkmanager.if
 ===================================================================
 --- fedora-policy-20220714.orig/policy/modules/contrib/networkmanager.if

selinux-policy.changes

@@ -3,7 +3,8 @@ Thu Sep 29 12:54:15 UTC 2022 - Johannes Segitz <jsegitz@suse.com>
 
 - Update fix_networkmanager.patch to ensure NetworkManager chrony
   dispatcher is properly labled and update fix_chronyd.patch to ensure
-  chrony helper script has proper label to be used by NetworkManager
+  chrony helper script has proper label to be used by NetworkManager.
+  Also allow NetworkManager_dispatcher_custom_t to query systemd status
   (bsc#1203824)
 
 -------------------------------------------------------------------