init: allow systemd to create /dev/pts as devpts_t
This is currently denied: avc: denied { create } for pid=1 comm="systemd" name="pts" scontext=system_u:system_r:init_t tcontext=system_u:object_r:devpts_t tclass=dir permissive=1
This commit is contained in:
parent
cc6cb6c344
commit
ae40418b24
|
@ -149,6 +149,24 @@ interface(`term_mount_devpts',`
|
|||
allow $1 devpts_t:filesystem mount;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Create directory /dev/pts.
|
||||
## </summary>
|
||||
## <param name="domain">
|
||||
## <summary>
|
||||
## The type of the process creating the directory.
|
||||
## </summary>
|
||||
## </param>
|
||||
#
|
||||
interface(`term_create_devpts',`
|
||||
gen_require(`
|
||||
type devpts_t;
|
||||
')
|
||||
|
||||
allow $1 devpts_t:dir create_dir_perms;
|
||||
')
|
||||
|
||||
########################################
|
||||
## <summary>
|
||||
## Create a pty in the /dev/pts directory.
|
||||
|
|
|
@ -323,6 +323,8 @@ ifdef(`init_systemd',`
|
|||
systemd_manage_passwd_runtime_symlinks(init_t)
|
||||
systemd_use_passwd_agent(init_t)
|
||||
|
||||
term_create_devpts(init_t)
|
||||
|
||||
# udevd is a "systemd kobject uevent socket activated daemon"
|
||||
udev_create_kobject_uevent_sockets(init_t)
|
||||
|
||||
|
|
Loading…
Reference in New Issue