1 |
commit: 1c8caccaf96c56ae2b270cdf188a913fe1f64fc3 |
2 |
Author: Jonathan Davies <jpds <AT> protonmail <DOT> com> |
3 |
AuthorDate: Mon Jun 21 18:48:16 2021 +0000 |
4 |
Commit: Sam James <sam <AT> gentoo <DOT> org> |
5 |
CommitDate: Tue Jun 29 06:09:42 2021 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=1c8cacca |
7 |
|
8 |
selinux: Force audit and caps USE flags. |
9 |
|
10 |
audit is required for various parts of SELinux tooling and also enable |
11 |
caps for not requiring the use of setuid. |
12 |
|
13 |
Signed-off-by: Jonathan Davies <jpds <AT> protonmail.com> |
14 |
Closes: https://github.com/gentoo/gentoo/pull/21366 |
15 |
Signed-off-by: Sam James <sam <AT> gentoo.org> |
16 |
|
17 |
profiles/features/selinux/use.force | 4 ++++ |
18 |
1 file changed, 4 insertions(+) |
19 |
|
20 |
diff --git a/profiles/features/selinux/use.force b/profiles/features/selinux/use.force |
21 |
index a651b206dcf..012958f56cf 100644 |
22 |
--- a/profiles/features/selinux/use.force |
23 |
+++ b/profiles/features/selinux/use.force |
24 |
@@ -1 +1,5 @@ |
25 |
+# Needed for various SELinux tooling |
26 |
+audit |
27 |
+# Allows us to avoid suid |
28 |
+caps |
29 |
selinux |