RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux-refpolicy/policy
History
Krzysztof Nowicki 900a51f134 Allow systemd-tmpfilesd to relabel generic files inside /etc 
Enable this only with the systemd_tmpfilesd_factory tunable, otherwise
silence the messages with a dontaudit rule.

Fixes:

avc:  denied  { relabelfrom } for comm="systemd-tmpfile"
name="pam.d" dev= ino=
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:etc_t:s0 tclass=dir

Signed-off-by: Krzysztof Nowicki <krissn@op.pl>
 		2021-02-09 13:52:01 +01:00
..
flask access_vectors: Add new capabilities to cap2 2020-10-15 20:55:35 -04:00
modules Allow systemd-tmpfilesd to relabel generic files inside /etc 2021-02-09 13:52:01 +01:00
support file_patterns.spt: Add a mmap_manage_files_pattern(). 2021-01-28 10:51:39 -05:00
constraints
context_defaults
global_booleans
global_tunables
mcs
mls
policy_capabilities
users