Fix password changing from cockpit login screen

node=localhost type=AVC msg=audit(1705071167.616:1344): avc:  denied  { write } for  pid=6560 comm="cockpit-session" name="etc" dev="dm-1" ino=393220 scontext=system_u:system_r:cockpit_session_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=0
node=localhost type=AVC msg=audit(1705071268.820:1383): avc:  denied  { write } for  pid=6588 comm="cockpit-session" name="etc" dev="dm-1" ino=393220 scontext=system_u:system_r:cockpit_session_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=1
node=localhost type=AVC msg=audit(1705071268.820:1383): avc:  denied  { add_name } for  pid=6588 comm="cockpit-session" name="nshadow" scontext=system_u:system_r:cockpit_session_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=1
node=localhost type=AVC msg=audit(1705071268.826:1384): avc:  denied  { remove_name } for  pid=6588 comm="cockpit-session" name="nshadow" dev="dm-1" ino=393552 scontext=system_u:system_r:cockpit_session_t:s0 tcontext=system_u:object_r:etc_t:s0 tclass=dir permissive=1

Signed-off-by: Dave Sugar <dsugar100@gmail.com>
This commit is contained in:
Dave Sugar 2024-01-12 10:19:09 -05:00
parent d80c8f421f
commit 08ea30252e

View File

@ -712,6 +712,7 @@ interface(`auth_manage_shadow',`
type shadow_t;
')
files_rw_etc_dirs($1)
auth_manage_shadow_history($1)
auth_rw_shadow_lock($1)
allow $1 shadow_t:file manage_file_perms;