rpms/selinux-policy
6
0
Fork 0
Code Issues Pull Requests Releases Activity

* Fri Feb 26 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-174

Browse Source 
- Revert "Allow systemd-logind to create .#nologinXXXXXX labeled as systemd_logind_var_run_t in /var/run/systemd/ rhbz#1285019"
- Allow systemd-logind to create .#nologinXXXXXX labeled as systemd_logind_var_run_t in /var/run/ rhbz#1285019
This commit is contained in:
Lukas Vrabec 2016-02-26 14:55:26 +01:00
parent 7ac3a50aaf
commit e98b0994a7
3 changed files with 8 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
docker-selinux.tgz
View File

Binary file not shown.

6
policy-rawhide-base.patch
View File

@ -45535,7 +45535,7 @@ index 0000000..21f7c14
+') +')
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
new file mode 100644 new file mode 100644
index 0000000..bf93dba index 0000000..11d2aa1
--- /dev/null --- /dev/null
+++ b/policy/modules/system/systemd.te +++ b/policy/modules/system/systemd.te
@@ -0,0 +1,843 @@ @@ -0,0 +1,843 @@
@ -45688,8 +45688,8 @@ index 0000000..bf93dba
+manage_files_pattern(systemd_logind_t, { systemd_logind_sessions_t systemd_logind_var_run_t }, { systemd_logind_var_run_t systemd_logind_sessions_t }) +manage_files_pattern(systemd_logind_t, { systemd_logind_sessions_t systemd_logind_var_run_t }, { systemd_logind_var_run_t systemd_logind_sessions_t })
+manage_fifo_files_pattern(systemd_logind_t, systemd_logind_sessions_t, { systemd_logind_sessions_t systemd_logind_var_run_t }) +manage_fifo_files_pattern(systemd_logind_t, systemd_logind_sessions_t, { systemd_logind_sessions_t systemd_logind_var_run_t })
+init_named_pid_filetrans(systemd_logind_t, systemd_logind_sessions_t, dir, "sessions") +init_named_pid_filetrans(systemd_logind_t, systemd_logind_sessions_t, dir, "sessions")
+init_pid_filetrans(systemd_logind_t, systemd_logind_var_run_t, { file dir }) +init_pid_filetrans(systemd_logind_t, systemd_logind_var_run_t, dir)
+files_pid_filetrans(systemd_logind_t, systemd_logind_var_run_t, file, "nologin") +files_pid_filetrans(systemd_logind_t, systemd_logind_var_run_t, file)
+ +
+manage_dirs_pattern(systemd_logind_t, systemd_logind_inhibit_var_run_t, systemd_logind_inhibit_var_run_t) +manage_dirs_pattern(systemd_logind_t, systemd_logind_inhibit_var_run_t, systemd_logind_inhibit_var_run_t)
+manage_files_pattern(systemd_logind_t, systemd_logind_inhibit_var_run_t, systemd_logind_inhibit_var_run_t) +manage_files_pattern(systemd_logind_t, systemd_logind_inhibit_var_run_t, systemd_logind_inhibit_var_run_t)

6
selinux-policy.spec
View File

@ -19,7 +19,7 @@
Summary: SELinux policy configuration Summary: SELinux policy configuration
Name: selinux-policy Name: selinux-policy
Version: 3.13.1 Version: 3.13.1
Release: 173%{?dist} Release: 174%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Base Group: System Environment/Base
Source: serefpolicy-%{version}.tgz Source: serefpolicy-%{version}.tgz
@ -673,6 +673,10 @@ exit 0
%endif %endif
%changelog %changelog
* Fri Feb 26 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-174
- Revert "Allow systemd-logind to create .#nologinXXXXXX labeled as systemd_logind_var_run_t in /var/run/systemd/ rhbz#1285019"
- Allow systemd-logind to create .#nologinXXXXXX labeled as systemd_logind_var_run_t in /var/run/ rhbz#1285019
* Fri Feb 26 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-173 * Fri Feb 26 2016 Lukas Vrabec <lvrabec@redhat.com> 3.13.1-173
- Allow amanda to manipulate the tape changer to load the necessary tapes. rhbz#1311759 - Allow amanda to manipulate the tape changer to load the necessary tapes. rhbz#1311759
- Allow keepalived to create netlink generic sockets. rhbz#1311756 - Allow keepalived to create netlink generic sockets. rhbz#1311756