nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow the systemd dbus-daemon to talk to systemd

Browse Source 
Recent versions of dbus are started as Type=notify

type=AVC msg=audit(03/10/19 15:32:40.347:64) : avc:  denied  { write } for  pid=809 comm=dbus-daemon name=notify dev="tmpfs" ino=1751 scontext=system_u:system_r:system_dbusd_t:s0-s0:c0.c1023 tcontext=system_u:object_r:init_runtime_t:s0 tclass=sock_file permissive=1

Signed-off-by: Laurent Bigonville <bigon@bigon.be>
This commit is contained in:
Laurent Bigonville 2019-10-03 18:22:17 +02:00
parent 04a83b9616
commit 805f2d9cd4
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
policy/modules/services/dbus.te
View File

@ -159,6 +159,9 @@ ifdef(`init_systemd', `
# for /run/systemd/dynamic-uid/
init_list_pids(system_dbusd_t)
init_read_runtime_symlinks(system_dbusd_t)
# Recent versions of dbus are started as Type=notify
init_write_runtime_socket(system_dbusd_t)
')
optional_policy(`