selinux-policy/add-allow-for-ldconfig-to-map-libsudo_util-so.patch

From db595c32644c01e6a9e5697d03a3f480d0dbba2e Mon Sep 17 00:00:00 2001
From: zhangchenfeng <zhangchenfeng1@huawei.com>
Date: Wed, 14 Aug 2019 07:58:13 +0800
Subject: [PATCH] add allow for ldconfig to map /usr/libexec/libsudo_util.so

reason: add allow for ldconfig to map /usr/libexec/libsudo_util.so
---
 policy/modules/system/libraries.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/policy/modules/system/libraries.te b/policy/modules/system/libraries.te
index 7a660a0..0893aba 100644
--- a/policy/modules/system/libraries.te
+++ b/policy/modules/system/libraries.te
@@ -95,6 +95,9 @@ files_search_usr(ldconfig_t)
 # for when /etc/ld.so.cache is mislabeled:
 files_delete_etc_files(ldconfig_t)
 
+# for map /usr/libexec/libsudo_util.so
+allow ldconfig_t bin_t:file map;
+
 init_use_script_ptys(ldconfig_t)
 init_read_script_tmp_files(ldconfig_t)
 
-- 
1.8.3.1
Package init 2019-12-25 16:07:15 +08:00			`From db595c32644c01e6a9e5697d03a3f480d0dbba2e Mon Sep 17 00:00:00 2001`
			`From: zhangchenfeng <zhangchenfeng1@huawei.com>`
			`Date: Wed, 14 Aug 2019 07:58:13 +0800`
			`Subject: [PATCH] add allow for ldconfig to map /usr/libexec/libsudo_util.so`

			`reason: add allow for ldconfig to map /usr/libexec/libsudo_util.so`
			`---`
			`policy/modules/system/libraries.te \| 3 +++`
			`1 file changed, 3 insertions(+)`

			`diff --git a/policy/modules/system/libraries.te b/policy/modules/system/libraries.te`
			`index 7a660a0..0893aba 100644`
			`--- a/policy/modules/system/libraries.te`
			`+++ b/policy/modules/system/libraries.te`
			`@@ -95,6 +95,9 @@ files_search_usr(ldconfig_t)`
			`# for when /etc/ld.so.cache is mislabeled:`
			`files_delete_etc_files(ldconfig_t)`

			`+# for map /usr/libexec/libsudo_util.so`
			`+allow ldconfig_t bin_t:file map;`
			`+`
			`init_use_script_ptys(ldconfig_t)`
			`init_read_script_tmp_files(ldconfig_t)`

			`--`
			`1.8.3.1`