selinux-policy/suse_modifications_usermanage.patch

Index: refpolicy/policy/modules/admin/usermanage.te
===================================================================
--- refpolicy.orig/policy/modules/admin/usermanage.te	2019-06-09 20:05:20.000000000 +0200
+++ refpolicy/policy/modules/admin/usermanage.te	2019-07-11 14:31:20.965630396 +0200
@@ -251,6 +251,9 @@ userdom_use_unpriv_users_fds(groupadd_t)
 # for when /root is the cwd
 userdom_dontaudit_search_user_home_dirs(groupadd_t)
 
+allow groupadd_t self:netlink_selinux_socket { create bind };
+allow groupadd_t var_run_t:sock_file write;
+
 optional_policy(`
 	apt_use_fds(groupadd_t)
 ')
@@ -571,6 +574,9 @@ optional_policy(`
 	puppet_rw_tmp(useradd_t)
 ')
 
+allow useradd_t var_run_t:sock_file write;
+selinux_compute_access_vector(useradd_t)
+
 optional_policy(`
 	tunable_policy(`samba_domain_controller',`
 		samba_append_log(useradd_t)