RepoMirrors/selinux-refpolicy
1
0
Fork 0
mirror of https://github.com/SELinuxProject/refpolicy synced 2025-03-11 07:40:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

authlogin: fix regex for /etc/tcb

Browse Source 
Also add the proper context for the tcb_updpwd binary.

Complements: bc88a1ca4b

Signed-off-by: Björn Esser <besser82@fedoraproject.org>
This commit is contained in:
Björn Esser 2021-10-18 16:25:18 +02:00
parent 63f0c51fce
commit d939dcbff3
No known key found for this signature in database
GPG Key ID: F52E98007594C21D
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
policy/modules/system/authlogin.fc
View File

@ -3,7 +3,7 @@
/etc/passwd\.lock -- gen_context(system_u:object_r:shadow_lock_t,s0)
/etc/gshadow.* -- gen_context(system_u:object_r:shadow_t,s0)
/etc/shadow.* -- gen_context(system_u:object_r:shadow_t,s0)
/etc/tcb(/.*)? -- gen_context(system_u:object_r:shadow_t,s0)
/etc/tcb/.+/shadow.* -- gen_context(system_u:object_r:shadow_t,s0)
/etc/security/opasswd -- gen_context(system_u:object_r:shadow_history_t,s0)
/etc/security/opasswd\.old -- gen_context(system_u:object_r:shadow_history_t,s0)
@ -26,6 +26,7 @@ ifdef(`distro_redhat', `
/usr/libexec/utempter/utempter -- gen_context(system_u:object_r:utempter_exec_t,s0)
')
/usr/libexec/chkpwd/tcb_chkpwd -- gen_context(system_u:object_r:chkpwd_exec_t,s0)
/usr/libexec/chkpwd/tcb_updpwd -- gen_context(system_u:object_r:updpwd_exec_t,s0)
/usr/sbin/pam_console_apply -- gen_context(system_u:object_r:pam_console_exec_t,s0)
/usr/sbin/pam_timestamp_check -- gen_context(system_u:object_r:pam_exec_t,s0)