forked from pool/selinux-policy
17 lines
636 B
Diff
17 lines
636 B
Diff
Index: serefpolicy-20140730/policy/modules/roles/unconfineduser.te
|
|
===================================================================
|
|
--- serefpolicy-20140730.orig/policy/modules/roles/unconfineduser.te
|
|
+++ serefpolicy-20140730/policy/modules/roles/unconfineduser.te
|
|
@@ -79,6 +79,11 @@ domain_transition_all(unconfined_t)
|
|
|
|
usermanage_run_passwd(unconfined_t, unconfined_r)
|
|
|
|
+# FIXME SUSE
|
|
+#allow unconfined_t systemd_systemctl_exec_t:file entrypoint;
|
|
+allow unconfined_t init_exec_t:file entrypoint;
|
|
+allow init_t unconfined_t:process transition;
|
|
+
|
|
tunable_policy(`deny_execmem',`',`
|
|
allow unconfined_t self:process execmem;
|
|
')
|