systemd: Change journal file context to MLS system high.
Fixes issues like this: audit(1640354247.630:3): op=security_validate_transition seresult=denied oldcontext=system_u:object_r:systemd_journal_t:s15:c0.c1023 newcontext=system_u:object_r:systemd_journal_t:s0 taskcontext=system_u:system_r:systemd_tmpfiles_t:s0-s15:c0.c1023 tclass=file Signed-off-by: Chris PeBenito <chpebeni@linux.microsoft.com>
This commit is contained in:
Chris PeBenito
parent
bfc448e688
commit
e09733d6b4
|
|
@ -98,4 +98,4 @@ HOME_DIR/\.local/share/systemd(/.*)? gen_context(system_u:object_r:systemd_data
|
|||
/run/tmpfiles\.d -d gen_context(system_u:object_r:systemd_tmpfiles_conf_t,s0)
|
||||
/run/tmpfiles\.d/.* <<none>>
|
||||
|
||||
/var/log/journal(/.*)? gen_context(system_u:object_r:systemd_journal_t,s0)
|
||||
/var/log/journal(/.*)? gen_context(system_u:object_r:systemd_journal_t,mls_systemhigh)
|
||||
|
|
|
|||
Loading…
Reference in New Issue