packages/selinux-policy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
selinux-policy/add-allow-passwd-to-write-sssd-var-lib.patch
guoxiaoqi 899b6a7957 allow passwd to map and write sssd var lib
2020-05-30 10:59:50 +08:00

28 lines
862 B
Diff
Raw Blame History

From e237958d348766aac7f83414ed7af2ab44f8efca Mon Sep 17 00:00:00 2001
From: guoxiaoqi <guoxiaoqi2@huawei.com>
Date: Sat, 30 May 2020 10:56:41 +0800
Subject: [PATCH] add allow passwd to write sssd var lib
Signed-off-by: guoxiaoqi <guoxiaoqi2@huawei.com>
---
policy/modules/admin/usermanage.te | 3 +++
1 file changed, 3 insertions(+)
diff --git a/policy/modules/admin/usermanage.te b/policy/modules/admin/usermanage.te
index 1977309..426bae8 100644
--- a/policy/modules/admin/usermanage.te
+++ b/policy/modules/admin/usermanage.te
@@ -391,6 +391,9 @@ logging_send_syslog_msg(passwd_t)
seutil_read_config(passwd_t)
seutil_read_file_contexts(passwd_t)
+sssd_var_lib_map_file(passwd_t)
+sssd_var_lib_write_file(passwd_t)
+
userdom_use_inherited_user_terminals(passwd_t)
userdom_use_unpriv_users_fds(passwd_t)
# make sure that getcon succeeds
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink