usermanage: Move kernel_dgram_send(passwd_t) to systemd block.

This commit is contained in:
Chris PeBenito 2019-03-11 20:56:46 -04:00
parent 1cc0045642
commit 5260679657
1 changed files with 5 additions and 1 deletions

View File

@ -304,7 +304,6 @@ allow passwd_t self:msg { send receive };
allow passwd_t crack_db_t:dir list_dir_perms;
read_files_pattern(passwd_t, crack_db_t, crack_db_t)
kernel_dgram_send(passwd_t)
kernel_read_crypto_sysctls(passwd_t)
kernel_read_kernel_sysctls(passwd_t)
@ -367,6 +366,11 @@ userdom_read_user_tmp_files(passwd_t)
# on user home dir
userdom_dontaudit_search_user_home_content(passwd_t)
ifdef(`init_systemd',`
# for journald /dev/log
kernel_dgram_send(passwd_t)
')
optional_policy(`
nscd_run(passwd_t, passwd_roles)
')