RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Allow systemd-resolved to connect to system dbusd 

type=USER_AVC msg=audit(1527726267.150:134): pid=1170 uid=81 auid=4294967295 ses=4294967295 subj=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 msg='avc:  denied  { acquire_svc } for service=org.freedesktop.resolve1 spid=1208 scontext=system_u:system_r:systemd_resolved_t:s0 tcontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tclass=dbus  exe="/usr/bin/dbus-daemon" sauid=81 hostname=? addr=? terminal=?'

Signed-off-by: Dave Sugar <dsugar@tresys.com>
This commit is contained in:
Dave Sugar 2018-06-06 10:25:08 -04:00 committed by Chris PeBenito
parent 0ddccc81ad
commit fd466a380e
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
policy/modules/system/systemd.te
View File

@ -861,6 +861,7 @@ systemd_log_parse_environment(systemd_resolved_t)
systemd_read_networkd_runtime(systemd_resolved_t) systemd_read_networkd_runtime(systemd_resolved_t)
optional_policy(` optional_policy(`
dbus_connect_system_bus(systemd_resolved_t)
dbus_system_bus_client(systemd_resolved_t) dbus_system_bus_client(systemd_resolved_t)
') ')