RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

getty: allow watching file /run/agetty.reload 

avc:  denied  { watch } for  pid=2485 comm="agetty" path="/run/agetty.reload" dev="tmpfs" ino=22050 scontext=system_u:system_r:getty_t:s0 tcontext=system_u:object_r:getty_runtime_t:s0 tclass=file permissive=0

Signed-off-by: Jason Zaman <perfinion@gentoo.org>
Signed-off-by: Jason Zaman <jason@perfinion.com>
This commit is contained in:
Jason Zaman 2020-11-16 19:46:22 -08:00 committed by Chris PeBenito
parent a98f25ce73
commit 0ad23a33ef
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
policy/modules/system/getty.te
View File

@ -47,6 +47,7 @@ allow getty_t getty_log_t:file { append_file_perms create_file_perms setattr_fil
logging_log_filetrans(getty_t, getty_log_t, file)
allow getty_t getty_runtime_t:dir watch;
allow getty_t getty_runtime_t:file watch;
manage_files_pattern(getty_t, getty_runtime_t, getty_runtime_t)
files_runtime_filetrans(getty_t, getty_runtime_t, file)