forked from pool/selinux-policy
25 lines
885 B
Diff
25 lines
885 B
Diff
Index: serefpolicy-20140730/policy/modules/admin/usermanage.te
|
|
===================================================================
|
|
--- serefpolicy-20140730.orig/policy/modules/admin/usermanage.te
|
|
+++ serefpolicy-20140730/policy/modules/admin/usermanage.te
|
|
@@ -274,6 +274,9 @@ userdom_use_unpriv_users_fds(groupadd_t)
|
|
# for when /root is the cwd
|
|
userdom_dontaudit_search_user_home_dirs(groupadd_t)
|
|
|
|
+allow groupadd_t self:netlink_selinux_socket { create bind };
|
|
+allow groupadd_t var_run_t:sock_file write;
|
|
+
|
|
optional_policy(`
|
|
dpkg_use_fds(groupadd_t)
|
|
dpkg_rw_pipes(groupadd_t)
|
|
@@ -572,6 +575,9 @@ userdom_home_filetrans_user_home_dir(use
|
|
userdom_manage_home_role(system_r, useradd_t)
|
|
userdom_delete_all_user_home_content(useradd_t)
|
|
|
|
+allow useradd_t var_run_t:sock_file write;
|
|
+selinux_compute_access_vector(useradd_t)
|
|
+
|
|
optional_policy(`
|
|
mta_manage_spool(useradd_t)
|
|
')
|