selinux-policy/add-avc-for-systemd-hostnamed-and-systemd-logind.patch

From f5e75734ba636d9a3db9e7fc4a9c7766b5f965aa Mon Sep 17 00:00:00 2001
From: guoxiaoqi <guoxiaoqi2@huawei.com>
Date: Thu, 16 Jul 2020 19:01:43 +0800
Subject: [PATCH] add avc for systemd-hostnamed and systemd-logind

Signed-off-by: guoxiaoqi <guoxiaoqi2@huawei.com>
---
 policy/modules/system/systemd.te | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index 7cb36c4..72f413c 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -373,6 +373,12 @@ optional_policy(`
 	xserver_search_xdm_tmp_dirs(systemd_logind_t)
 ')
 
+# avc for openEuler
+allow init_t systemd_logind_var_lib_t:dir { create mounton read };
+allow init_t systemd_logind_var_run_t:dir mounton;
+init_nnp_daemon_domain(systemd_hostnamed_t)
+init_nnp_daemon_domain(systemd_logind_t)
+
 ########################################
 #
 # systemd_machined local policy
-- 
1.8.3.1
update selinux-policy 2020-07-27 09:36:04 +08:00			`From f5e75734ba636d9a3db9e7fc4a9c7766b5f965aa Mon Sep 17 00:00:00 2001`
update avc for openEuler 2020-02-26 14:13:26 +08:00			`From: guoxiaoqi <guoxiaoqi2@huawei.com>`
update selinux-policy 2020-07-27 09:36:04 +08:00			`Date: Thu, 16 Jul 2020 19:01:43 +0800`
update avc for openEuler 2020-02-26 14:13:26 +08:00			`Subject: [PATCH] add avc for systemd-hostnamed and systemd-logind`

			`Signed-off-by: guoxiaoqi <guoxiaoqi2@huawei.com>`
			`---`
			`policy/modules/system/systemd.te \| 6 ++++++`
			`1 file changed, 6 insertions(+)`

			`diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te`
update selinux-policy 2020-07-27 09:36:04 +08:00			`index 7cb36c4..72f413c 100644`
update avc for openEuler 2020-02-26 14:13:26 +08:00			`--- a/policy/modules/system/systemd.te`
			`+++ b/policy/modules/system/systemd.te`
update selinux-policy 2020-07-27 09:36:04 +08:00			@@ -373,6 +373,12 @@ optional_policy(`
			`xserver_search_xdm_tmp_dirs(systemd_logind_t)`
update avc for openEuler 2020-02-26 14:13:26 +08:00			`')`
update selinux-policy 2020-07-27 09:36:04 +08:00
update avc for openEuler 2020-02-26 14:13:26 +08:00			`+# avc for openEuler`
			`+allow init_t systemd_logind_var_lib_t:dir { create mounton read };`
			`+allow init_t systemd_logind_var_run_t:dir mounton;`
			`+init_nnp_daemon_domain(systemd_hostnamed_t)`
			`+init_nnp_daemon_domain(systemd_logind_t)`
update selinux-policy 2020-07-27 09:36:04 +08:00			`+`
			`########################################`
			`#`
			`# systemd_machined local policy`
update avc for openEuler 2020-02-26 14:13:26 +08:00			`--`
			`1.8.3.1`