forked from pool/selinux-policy
177da0b45c
- Update to refpolicy 20190201. New modules for chromium, hostapd, and sigrok and minor fixes for existing modules. Refreshed suse_modifications_usermanage.patch OBS-URL: https://build.opensuse.org/request/show/671813 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/selinux-policy?expand=0&rev=71
25 lines
853 B
Diff
25 lines
853 B
Diff
Index: refpolicy/policy/modules/admin/usermanage.te
|
|
===================================================================
|
|
--- refpolicy.orig/policy/modules/admin/usermanage.te 2019-02-01 21:03:42.000000000 +0100
|
|
+++ refpolicy/policy/modules/admin/usermanage.te 2019-02-04 09:51:12.007425927 +0100
|
|
@@ -251,6 +251,9 @@ userdom_use_unpriv_users_fds(groupadd_t)
|
|
# for when /root is the cwd
|
|
userdom_dontaudit_search_user_home_dirs(groupadd_t)
|
|
|
|
+allow groupadd_t self:netlink_selinux_socket { create bind };
|
|
+allow groupadd_t var_run_t:sock_file write;
|
|
+
|
|
optional_policy(`
|
|
apt_use_fds(groupadd_t)
|
|
')
|
|
@@ -570,6 +573,9 @@ optional_policy(`
|
|
puppet_rw_tmp(useradd_t)
|
|
')
|
|
|
|
+allow useradd_t var_run_t:sock_file write;
|
|
+selinux_compute_access_vector(useradd_t)
|
|
+
|
|
optional_policy(`
|
|
tunable_policy(`samba_domain_controller',`
|
|
samba_append_log(useradd_t)
|