RepoMirrors
/
selinux-refpolicy
mirror of https://github.com/SELinuxProject/refpolicy
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
selinux-refpolicy/policy/modules/kernel
History
Krzysztof Nowicki 900a51f134 Allow systemd-tmpfilesd to relabel generic files inside /etc 
Enable this only with the systemd_tmpfilesd_factory tunable, otherwise
silence the messages with a dontaudit rule.

Fixes:

avc:  denied  { relabelfrom } for comm="systemd-tmpfile"
name="pam.d" dev= ino=
scontext=system_u:system_r:systemd_tmpfiles_t:s0
tcontext=system_u:object_r:etc_t:s0 tclass=dir

Signed-off-by: Krzysztof Nowicki <krissn@op.pl>
 		2021-02-09 13:52:01 +01:00
..
corecommands.fc corecommands: add entry for Busybox shell 2020-09-21 16:25:09 +02:00
corecommands.if remove deprecated from 20190201 2021-01-25 08:59:34 -05:00
corecommands.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
corenetwork.fc
corenetwork.if.in Fix several misspellings 2020-08-13 14:08:58 +02:00
corenetwork.if.m4 Allow systemd-networkd to handle ICMP and DHCP packets 2020-04-22 15:46:56 +03:00
corenetwork.te.in Bump module versions for release. 2021-02-03 08:38:26 -05:00
corenetwork.te.m4 work on SELint issues 2020-08-13 21:23:43 +02:00
devices.fc Fix several misspellings 2020-08-13 14:08:58 +02:00
devices.if remove deprecated from 20190201 2021-01-25 08:59:34 -05:00
devices.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
domain.fc
domain.if Merge pull request #296 from cgzones/diff-check 2020-08-13 09:19:48 -04:00
domain.te Bump module versions for release. 2020-08-18 09:09:10 -04:00
files.fc Remove modules for programs that are deprecated or no longer supported. 2021-01-14 17:14:30 -05:00
files.if Allow systemd-tmpfilesd to relabel generic files inside /etc 2021-02-09 13:52:01 +01:00
files.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
filesystem.fc filesystem: pathcon for matching tracefs mount 2020-05-27 11:51:36 +02:00
filesystem.if Allow systemd to relabel startup-important directories 2021-02-09 13:24:49 +01:00
filesystem.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
kernel.fc
kernel.if Allow use of systemd UNIX sockets created at initrd execution 2021-02-09 13:24:51 +01:00
kernel.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
mcs.fc
mcs.if
mcs.te
metadata.xml
mls.fc
mls.if remove deprecated from 20190201 2021-01-25 08:59:34 -05:00
mls.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
selinux.fc
selinux.if selinux: add selinux_get_all_booleans() interface 2020-12-15 15:19:30 +00:00
selinux.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
storage.fc devices, storage: Add fc entries for mtd char devices and ndctl devices. 2019-07-16 16:38:43 -04:00
storage.if Fix several misspellings 2020-08-13 14:08:58 +02:00
storage.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
terminal.fc Remove old exception 2020-02-23 17:52:54 +01:00
terminal.if Remove modules for programs that are deprecated or no longer supported. 2021-01-14 17:14:30 -05:00
terminal.te Bump module versions for release. 2021-02-03 08:38:26 -05:00
ubac.fc
ubac.if
ubac.te whitespace cleanup 2020-08-13 14:34:57 +02:00