diff options
author | Christian Göttsche <cgzones@googlemail.com> | 2024-02-22 18:00:55 +0100 |
---|---|---|
committer | Kenton Groombridge <concord@gentoo.org> | 2024-03-01 12:05:57 -0500 |
commit | 3676555ed89c3a47ec1f553710f70bf547bd7245 (patch) | |
tree | 2242ad9acb154b372d34889bd3dcd0b063a74cfd | |
parent | systemd: logind update (diff) | |
download | hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.tar.gz hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.tar.bz2 hardened-refpolicy-3676555ed89c3a47ec1f553710f70bf547bd7245.zip |
consolesetup: update
AVC avc: denied { read } for pid=770 comm="mkdir" name="filesystems" dev="proc" ino=4026532069 scontext=system_u:system_r:consolesetup_t:s0 tcontext=system_u:object_r:proc_t:s0 tclass=file permissive=0
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Kenton Groombridge <concord@gentoo.org>
-rw-r--r-- | policy/modules/services/consolesetup.te | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/policy/modules/services/consolesetup.te b/policy/modules/services/consolesetup.te index 7756ef6c..023ec5d2 100644 --- a/policy/modules/services/consolesetup.te +++ b/policy/modules/services/consolesetup.te @@ -37,6 +37,8 @@ files_runtime_filetrans(consolesetup_t, consolesetup_runtime_t, dir, "console-se manage_files_pattern(consolesetup_t, consolesetup_tmp_t, consolesetup_tmp_t) files_tmp_filetrans(consolesetup_t, consolesetup_tmp_t, file) +kernel_read_system_state(consolesetup_t) + corecmd_exec_bin(consolesetup_t) corecmd_exec_shell(consolesetup_t) |