From a0e88de5e5af1a6900641e3ef09b029923d011d5 Mon Sep 17 00:00:00 2001
From: Dominick Grift <dominick.grift@gmail.com>
Date: Sat, 9 Nov 2013 10:44:46 +0100
Subject: [PATCH] authlogin: unix_chkpwd traverses / on sysfs device on Debian

Signed-off-by: Dominick Grift <dominick.grift@gmail.com>
---
 policy/modules/system/authlogin.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/system/authlogin.te b/policy/modules/system/authlogin.te
index 09b791dcc..367e92028 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -105,6 +105,7 @@ domain_dontaudit_use_interactive_fds(chkpwd_t)
 
 dev_read_rand(chkpwd_t)
 dev_read_urand(chkpwd_t)
+dev_search_sysfs(chkpwd_t)
 
 files_read_etc_files(chkpwd_t)
 # for nscd