From 1363710b88904f29915e39335fef0dfb673a0f70 Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Mon, 24 Aug 2020 14:29:15 +0200
Subject: [PATCH] Add file context for ~/.config/Yubico

Add file context specification for ~/.config/Yubico in addition to
existing ~/.yubico. Update the auth_filetrans_home_content() and
auth_filetrans_admin_home_content() interfaces accordingly.

Resolves: rhbz#1860888
Signed-off-by: lujie42 <572084868@qq.com>
---
 policy/modules/system/authlogin.fc | 2 ++
 policy/modules/system/authlogin.if | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/policy/modules/system/authlogin.fc b/policy/modules/system/authlogin.fc
index 009c156..58551ec 100644
--- a/policy/modules/system/authlogin.fc
+++ b/policy/modules/system/authlogin.fc
@@ -1,7 +1,9 @@
 HOME_DIR/\.yubico(/.*)?				    gen_context(system_u:object_r:auth_home_t,s0)
+HOME_DIR/\.config/Yubico(/.*)?			    gen_context(system_u:object_r:auth_home_t,s0)
 HOME_DIR/\.google_authenticator			gen_context(system_u:object_r:auth_home_t,s0)
 HOME_DIR/\.google_authenticator~		gen_context(system_u:object_r:auth_home_t,s0)
 /root/\.yubico(/.*)?                    gen_context(system_u:object_r:auth_home_t,s0)
+/root/\.config/Yubico(/.*)?		gen_context(system_u:object_r:auth_home_t,s0)
 /root/\.google_authenticator			gen_context(system_u:object_r:auth_home_t,s0)
 /root/\.google_authenticator~			gen_context(system_u:object_r:auth_home_t,s0)
 
diff --git a/policy/modules/system/authlogin.if b/policy/modules/system/authlogin.if
index 099166d..90ae5fe 100644
--- a/policy/modules/system/authlogin.if
+++ b/policy/modules/system/authlogin.if
@@ -2313,6 +2313,7 @@ interface(`auth_filetrans_admin_home_content',`
 	userdom_admin_home_dir_filetrans($1, auth_home_t, file, ".google_authenticator")
 	userdom_admin_home_dir_filetrans($1, auth_home_t, file, ".google_authenticator~")
 	userdom_admin_home_dir_filetrans($1, auth_home_t, dir, ".yubico")
+	userdom_admin_home_dir_filetrans($1, auth_home_t, dir, ".config/Yubico")
 ')
 
 
@@ -2377,6 +2378,7 @@ interface(`auth_filetrans_home_content',`
 	userdom_user_home_dir_filetrans($1, auth_home_t, file, ".google_authenticator")
 	userdom_user_home_dir_filetrans($1, auth_home_t, file, ".google_authenticator~")
 	userdom_user_home_dir_filetrans($1, auth_home_t, dir, ".yubico")
+	userdom_user_home_dir_filetrans($1, auth_home_t, dir, ".config/Yubico")
 ')
 
 ########################################
-- 
1.8.3.1