From 6f7bc3da4665c1dba41bf7250cb44b81ade7e99d Mon Sep 17 00:00:00 2001 From: bauen1 Date: Wed, 20 May 2020 18:35:17 +0200 Subject: [PATCH] init: systemd will run chkpwd to start user@1000 This was likely also hidden by the unconfined module. Signed-off-by: bauen1 --- policy/modules/system/init.te | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/policy/modules/system/init.te b/policy/modules/system/init.te index 4970e0b61..c5595a611 100644 --- a/policy/modules/system/init.te +++ b/policy/modules/system/init.te @@ -317,7 +317,6 @@ ifdef(`init_systemd',` dev_manage_input_dev(init_t) dev_relabel_all_sysfs(init_t) dev_relabel_generic_symlinks(init_t) - dev_read_urand(init_t) dev_write_kmsg(init_t) dev_write_urand(init_t) dev_rw_lvm_control(init_t) @@ -435,9 +434,9 @@ ifdef(`init_systemd',` auth_manage_var_auth(init_t) auth_relabel_login_records(init_t) auth_relabel_pam_console_data_dirs(init_t) + auth_domtrans_chk_passwd(init_t) logging_manage_pid_sockets(init_t) - logging_send_audit_msgs(init_t) logging_relabelto_devlog_sock_files(init_t) logging_relabel_generic_log_dirs(init_t) logging_audit_socket_activation(init_t)