selinux-refpolicy/policy
Yi Zhao 017a321811 bluetooth: fixes for bluetoothd
* Allow bluetooth_t to create and use bluetooth_socket.
* Allow bluetooth_t to send messages to init scripts over dbus.
* Allow bluetooth_t to send messages from systemd hostnamed over dbus.

Fixes:
avc: denied { create } for pid=377 comm="bluetoothd"
scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:bluetooth_t tclass=bluetooth_socket
permissive=1

avc: denied { bind } for pid=377 comm="bluetoothd"
scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:bluetooth_t tclass=bluetooth_socket
permissive=1

avc: denied { write } for pid=377 comm="bluetoothd"
scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:bluetooth_t tclass=bluetooth_socket
permissive=1

avc: denied { getattr } for pid=377 comm="bluetoothd"
path="socket:[12424]" dev="sockfs" ino=12424
scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:bluetooth_t tclass=bluetooth_socket
permissive=1

avc: denied { listen } for pid=377 comm="bluetoothd"
scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:bluetooth_t tclass=bluetooth_socket
permissive=1

avc: denied { read } for pid=377 comm="bluetoothd" path="socket:[12424]"
dev="sockfs" ino=12424 scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:bluetooth_t tclass=bluetooth_socket
permissive=1

avc: denied { send_msg } for msgtype=method_return dest=:1.2 spid=377
tpid=431 scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:initrc_t tclass=dbus permissive=1

avc: denied { send_msg } for msgtype=signal
interface=org.freedesktop.DBus.ObjectManager member=InterfacesAdded
dest=org.freedesktop.DBus spid=319 tpid=241
scontext=system_u:system_r:bluetooth_t
tcontext=system_u:system_r:initrc_t tclass=dbus permissive=1

Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
2021-10-27 11:20:11 +08:00
..
flask access_vectors: Add new capabilities to cap2 2020-10-15 20:55:35 -04:00
modules bluetooth: fixes for bluetoothd 2021-10-27 11:20:11 +08:00
support file_patterns.spt: Add a mmap_manage_files_pattern(). 2021-01-28 10:51:39 -05:00
constraints whitespace cleanup 2020-08-13 14:34:57 +02:00
context_defaults
global_booleans
global_tunables
mcs
mls
policy_capabilities Correct some misspellings 2020-06-05 15:38:43 +02:00
users