From 9b31818705c564f94c46366ef83efa4951ffa64a Mon Sep 17 00:00:00 2001 From: Zdenek Pytela Date: Tue, 12 Jan 2021 18:36:07 +0100 Reference: https://github.com/fedora-selinux/selinux-policy/commit/9b31818705c564f94c46366ef83efa4951ffa64a Conflict: NA Subject: [PATCH] Allow systemd-machined manage systemd-userdbd runtime sockets Add the systemd_manage_userdbd_runtime_sock_files() interface and remove systemd_create_userdbd_runtime_sock_files() which is not used any longer. Resolves: rhbz#1891182 --- policy/modules/system/systemd.if | 6 +++--- policy/modules/system/systemd.te | 2 +- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if index d10ae16..67479ce 100644 --- a/policy/modules/system/systemd.if +++ b/policy/modules/system/systemd.if @@ -2486,7 +2486,7 @@ interface(`systemd_userdbd_stream_connect',` ####################################### ## -## Create a named socket in userdbd runtime directory +## Manage named sockets in userdbd runtime directory ## ## ## @@ -2494,10 +2494,10 @@ interface(`systemd_userdbd_stream_connect',` ## ## # -interface(`systemd_create_userdbd_runtime_sock_files',` +interface(`systemd_manage_userdbd_runtime_sock_files',` gen_require(` type systemd_userdbd_runtime_t; ') - create_sock_files_pattern($1, systemd_userdbd_runtime_t, systemd_userdbd_runtime_t) + manage_sock_files_pattern($1, systemd_userdbd_runtime_t, systemd_userdbd_runtime_t) ') diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te index c806b29..3eb12be 100644 --- a/policy/modules/system/systemd.te +++ b/policy/modules/system/systemd.te @@ -416,7 +416,7 @@ init_manage_config_transient_files(systemd_machined_t) logging_dgram_send(systemd_machined_t) systemd_read_efivarfs(systemd_machined_t) -systemd_create_userdbd_runtime_sock_files(systemd_machined_t) +systemd_manage_userdbd_runtime_sock_files(systemd_machined_t) userdom_dbus_send_all_users(systemd_machined_t) -- 1.8.3.1