From ec4c74f73a3b17a0f61bdd28da914ffe343d3aef052dcb3d35788ff7afe36f85 Mon Sep 17 00:00:00 2001 From: Johannes Segitz Date: Tue, 31 Aug 2021 13:53:41 +0000 Subject: [PATCH] Accepting request 915205 from home:akedroutek:branches:security:SELinux - fix rebootmgr does not trigger the reboot properly (boo#1189878) * fix managing /etc/rebootmgr.conf * allow rebootmgr_t to cope with systemd and dbus messaging OBS-URL: https://build.opensuse.org/request/show/915205 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=118 --- rebootmgr.te | 10 +++++++--- selinux-policy.changes | 7 +++++++ 2 files changed, 14 insertions(+), 3 deletions(-) diff --git a/rebootmgr.te b/rebootmgr.te index 46878c5..4b4e6ab 100644 --- a/rebootmgr.te +++ b/rebootmgr.te @@ -9,8 +9,6 @@ type rebootmgr_t; type rebootmgr_exec_t; init_daemon_domain(rebootmgr_t, rebootmgr_exec_t) -permissive rebootmgr_t; - ######################################## # # rebootmgr local policy @@ -21,12 +19,18 @@ allow rebootmgr_t self:unix_stream_socket create_stream_socket_perms; domain_use_interactive_fds(rebootmgr_t) -files_read_etc_files(rebootmgr_t) +files_manage_etc_files(rebootmgr_t) logging_send_syslog_msg(rebootmgr_t) miscfiles_read_localization(rebootmgr_t) +systemd_start_power_services(rebootmgr_t) + +systemd_dbus_chat_logind(rebootmgr_t) + +unconfined_dbus_chat(rebootmgr_t) + optional_policy(` dbus_system_bus_client(rebootmgr_t) dbus_connect_system_bus(rebootmgr_t) diff --git a/selinux-policy.changes b/selinux-policy.changes index 6bd4e8d..40d5a02 100644 --- a/selinux-policy.changes +++ b/selinux-policy.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Fri Aug 27 13:07:54 UTC 2021 - Ales Kedroutek + +- fix rebootmgr does not trigger the reboot properly (boo#1189878) + * fix managing /etc/rebootmgr.conf + * allow rebootmgr_t to cope with systemd and dbus messaging + ------------------------------------------------------------------- Thu Aug 26 07:37:05 UTC 2021 - Johannes Segitz