rpms/selinux-policy
5
0
Fork 0
Code Issues Pull Requests Releases Activity

fix up su

Browse Source
This commit is contained in:
Chris PeBenito 2005-10-25 14:31:53 +00:00
parent a662d2b7f9
commit 83e4512c33
2 changed files with 14 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
refpolicy/policy/modules/admin/su.if
View File

@ -181,6 +181,9 @@ template(`su_per_userdomain_template',`
auth_dontaudit_read_shadow($1_su_t) auth_dontaudit_read_shadow($1_su_t)
auth_use_nsswitch($1_su_t) auth_use_nsswitch($1_su_t)
corecmd_search_bin($1_su_t)
corecmd_search_sbin($1_su_t)
domain_use_wide_inherit_fd($1_su_t) domain_use_wide_inherit_fd($1_su_t)
files_read_etc_files($1_su_t) files_read_etc_files($1_su_t)

12
refpolicy/policy/modules/system/authlogin.if
View File

@ -136,7 +136,17 @@ template(`authlogin_per_userdomain_template',`
## </param> ## </param>
# #
template(`auth_domtrans_user_chk_passwd',` template(`auth_domtrans_user_chk_passwd',`
ifdef(`targeted_policy',`',` ifdef(`targeted_policy',`
gen_require(`
type chkpwd_exec_t;
')
domain_auto_trans($2,chkpwd_exec_t,system_chkpwd_t)
allow $2 system_chkpwd_t:fd use;
allow system_chkpwd_t $2:fd use;
allow system_chkpwd_t $2:fifo_file rw_file_perms;
allow system_chkpwd_t $2:process sigchld;
',`
gen_require(` gen_require(`
type chkpwd_exec_t; type chkpwd_exec_t;
') ')