From 103215eb8262f37632387014d5e35c118f231cc0 Mon Sep 17 00:00:00 2001
From: guoxiaoqi <guoxiaoqi2@huawei.com>
Date: Thu, 16 Jul 2020 17:06:14 +0800
Subject: [PATCH] add allow for ldconfig to map /usr/libexec/libsudo_util.so

Signed-off-by: guoxiaoqi <guoxiaoqi2@huawei.com>
---
 policy/modules/system/libraries.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/policy/modules/system/libraries.te b/policy/modules/system/libraries.te
index 22696ca..9b26f75 100644
--- a/policy/modules/system/libraries.te
+++ b/policy/modules/system/libraries.te
@@ -95,6 +95,9 @@ files_search_usr(ldconfig_t)
 # for when /etc/ld.so.cache is mislabeled:
 files_delete_etc_files(ldconfig_t)
 
+# for map /usr/libexec/libsudo_util.so
+allow ldconfig_t bin_t:file map;
+
 init_use_script_ptys(ldconfig_t)
 init_read_script_tmp_files(ldconfig_t)
 init_manage_script_tmp_files(ldconfig_t)
-- 
1.8.3.1