1 |
commit: a94131f569e9e185a3f08a774bb6ba62c5e90bd1 |
2 |
Author: Chris PeBenito <pebenito <AT> ieee <DOT> org> |
3 |
AuthorDate: Fri Feb 24 01:16:40 2017 +0000 |
4 |
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Feb 25 14:22:23 2017 +0000 |
6 |
URL: https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=a94131f5 |
7 |
|
8 |
Fix CI errors. |
9 |
|
10 |
policy/modules/system/logging.te | 2 -- |
11 |
policy/modules/system/systemd.if | 2 +- |
12 |
2 files changed, 1 insertion(+), 3 deletions(-) |
13 |
|
14 |
diff --git a/policy/modules/system/logging.te b/policy/modules/system/logging.te |
15 |
index 9a6c714a..54436756 100644 |
16 |
--- a/policy/modules/system/logging.te |
17 |
+++ b/policy/modules/system/logging.te |
18 |
@@ -515,8 +515,6 @@ ifdef(`init_systemd',` |
19 |
allow syslogd_t self:capability2 audit_read; |
20 |
allow syslogd_t self:capability { chown setgid setuid sys_ptrace }; |
21 |
allow syslogd_t self:netlink_audit_socket { getattr getopt read setopt write }; |
22 |
- allow syslogd_t init_var_run_t:file { read write create open }; |
23 |
- allow syslogd_t var_run_t:dir create; |
24 |
|
25 |
kernel_getattr_dgram_sockets(syslogd_t) |
26 |
kernel_read_ring_buffer(syslogd_t) |
27 |
|
28 |
diff --git a/policy/modules/system/systemd.if b/policy/modules/system/systemd.if |
29 |
index 69ee084f..70047dbe 100644 |
30 |
--- a/policy/modules/system/systemd.if |
31 |
+++ b/policy/modules/system/systemd.if |
32 |
@@ -248,7 +248,7 @@ interface(`systemd_manage_all_units',` |
33 |
# |
34 |
interface(`systemd_manage_journal_files',` |
35 |
gen_require(` |
36 |
- type systemd_logind_t; |
37 |
+ type systemd_journal_t; |
38 |
') |
39 |
|
40 |
manage_dirs_pattern($1, systemd_journal_t, systemd_journal_t) |