Merge pull request #631 from dsugar100/label_pwhistory_helper

Label pwhistory_helper
This commit is contained in:
Chris PeBenito 2023-08-18 11:53:50 -04:00 committed by GitHub
commit f3f761c4a8
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 5 additions and 0 deletions

View File

@ -334,6 +334,7 @@ term_use_all_ttys(passwd_t)
term_use_all_ptys(passwd_t)
auth_run_chk_passwd(passwd_t, passwd_roles)
auth_run_upd_passwd(passwd_t, passwd_roles)
auth_manage_shadow(passwd_t)
auth_relabel_shadow(passwd_t)
auth_etc_filetrans_shadow(passwd_t)

View File

@ -4,6 +4,8 @@
/etc/gshadow.* -- gen_context(system_u:object_r:shadow_t,s0)
/etc/shadow.* -- gen_context(system_u:object_r:shadow_t,s0)
/etc/tcb(/.*)? -- gen_context(system_u:object_r:shadow_t,s0)
/etc/security/opasswd -- gen_context(system_u:object_r:shadow_t,s0)
/etc/security/opasswd\.old -- gen_context(system_u:object_r:shadow_t,s0)
/usr/bin/login -- gen_context(system_u:object_r:login_exec_t,s0)
/usr/bin/pam_console_apply -- gen_context(system_u:object_r:pam_console_exec_t,s0)
@ -24,6 +26,7 @@
/usr/sbin/pam_console_apply -- gen_context(system_u:object_r:pam_console_exec_t,s0)
/usr/sbin/pam_timestamp_check -- gen_context(system_u:object_r:pam_exec_t,s0)
/usr/sbin/pwhistory_helper -- gen_context(system_u:object_r:updpwd_exec_t,s0)
/usr/sbin/tcb_convert -- gen_context(system_u:object_r:updpwd_exec_t,s0)
/usr/sbin/tcb_unconvert -- gen_context(system_u:object_r:updpwd_exec_t,s0)
/usr/sbin/unix_chkpwd -- gen_context(system_u:object_r:chkpwd_exec_t,s0)

View File

@ -391,6 +391,7 @@ files_manage_etc_files(updpwd_t)
term_dontaudit_use_console(updpwd_t)
term_dontaudit_use_unallocated_ttys(updpwd_t)
auth_etc_filetrans_shadow(updpwd_t)
auth_manage_shadow(updpwd_t)
auth_use_nsswitch(updpwd_t)