| 1 |
commit: 5ccbe3a67512a8fc056b2bed30fe8e346d347387 |
| 2 |
Author: Laurent Bigonville <bigon <AT> bigon <DOT> be> |
| 3 |
AuthorDate: Thu Nov 1 14:14:43 2018 +0000 |
| 4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
| 5 |
CommitDate: Sun Nov 18 10:56:47 2018 +0000 |
| 6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=5ccbe3a6 |
| 7 |
|
| 8 |
Allow semanage_t to connect to system D-Bus bus |
| 9 |
|
| 10 |
This is needed as systemd NSS modules is talking to systemd/PID1 over |
| 11 |
D-Bus |
| 12 |
|
| 13 |
Signed-off-by: Jason Zaman <jason <AT> perfinion.com> |
| 14 |
|
| 15 |
policy/modules/system/selinuxutil.te | 7 +++++++ |
| 16 |
1 file changed, 7 insertions(+) |
| 17 |
|
| 18 |
diff --git a/policy/modules/system/selinuxutil.te b/policy/modules/system/selinuxutil.te |
| 19 |
index c4a199f4..1293616c 100644 |
| 20 |
--- a/policy/modules/system/selinuxutil.te |
| 21 |
+++ b/policy/modules/system/selinuxutil.te |
| 22 |
@@ -560,6 +560,13 @@ optional_policy(` |
| 23 |
portage_eselect_module(semanage_t) |
| 24 |
') |
| 25 |
|
| 26 |
+ifdef(`init_systemd',` |
| 27 |
+ optional_policy(` |
| 28 |
+ init_dbus_chat(semanage_t) |
| 29 |
+ dbus_system_bus_client(semanage_t) |
| 30 |
+ ') |
| 31 |
+') |
| 32 |
+ |
| 33 |
optional_policy(` |
| 34 |
locallogin_use_fds(semanage_t) |
| 35 |
') |
Archives