packages/selinux-policy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
selinux-policy/backport-Allow-systemd-machined-manage-systemd-userdbd-runtim.patch
luhuaxin 67a202caa4 backport some upstream patches
2021-05-31 18:58:06 +08:00

60 lines
2.1 KiB
Diff
Raw Blame History

From 9b31818705c564f94c46366ef83efa4951ffa64a Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Tue, 12 Jan 2021 18:36:07 +0100
Reference: https://github.com/fedora-selinux/selinux-policy/commit/9b31818705c564f94c46366ef83efa4951ffa64a
Conflict: NA
Subject: [PATCH] Allow systemd-machined manage systemd-userdbd runtime sockets
Add the systemd_manage_userdbd_runtime_sock_files() interface
and remove systemd_create_userdbd_runtime_sock_files()
which is not used any longer.
Resolves: rhbz#1891182
---
policy/modules/system/systemd.if | 6 +++---
policy/modules/system/systemd.te | 2 +-
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if
index d10ae16..67479ce 100644
--- a/policy/modules/system/systemd.if
+++ b/policy/modules/system/systemd.if
@@ -2486,7 +2486,7 @@ interface(`systemd_userdbd_stream_connect',`
#######################################
## <summary>
-## Create a named socket in userdbd runtime directory
+## Manage named sockets in userdbd runtime directory
## </summary>
## <param name="domain">
## <summary>
@@ -2494,10 +2494,10 @@ interface(`systemd_userdbd_stream_connect',`
## </summary>
## </param>
#
-interface(`systemd_create_userdbd_runtime_sock_files',`
+interface(`systemd_manage_userdbd_runtime_sock_files',`
gen_require(`
type systemd_userdbd_runtime_t;
')
- create_sock_files_pattern($1, systemd_userdbd_runtime_t, systemd_userdbd_runtime_t)
+ manage_sock_files_pattern($1, systemd_userdbd_runtime_t, systemd_userdbd_runtime_t)
')
diff --git a/policy/modules/system/systemd.te b/policy/modules/system/systemd.te
index c806b29..3eb12be 100644
--- a/policy/modules/system/systemd.te
+++ b/policy/modules/system/systemd.te
@@ -416,7 +416,7 @@ init_manage_config_transient_files(systemd_machined_t)
logging_dgram_send(systemd_machined_t)
systemd_read_efivarfs(systemd_machined_t)
-systemd_create_userdbd_runtime_sock_files(systemd_machined_t)
+systemd_manage_userdbd_runtime_sock_files(systemd_machined_t)
userdom_dbus_send_all_users(systemd_machined_t)
--
1.8.3.1
Reference in New Issue View Git Blame Copy Permalink