nnd
/
selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Allow key manipulation 

node=localhost type=AVC msg=audit(1701897597.942:245462): avc:  denied { create } for  pid=14658 comm="cockpit-session" scontext=system_u:system_r:cockpit_session_t:s0 tcontext=sysadm_u:sysadm_r:sysadm_t:s0 tclass=key permissive=1
node=localhost type=AVC msg=audit(1701897597.942:245464): avc:  denied { write } for  pid=14658 comm="cockpit-session" scontext=system_u:system_r:cockpit_session_t:s0 tcontext=sysadm_u:sysadm_r:sysadm_t:s0 tclass=key permissive=1
node=localhost type=AVC msg=audit(1701897597.942:245464): avc:  denied { search } for  pid=14658 comm="cockpit-session" scontext=system_u:system_r:cockpit_session_t:s0 tcontext=sysadm_u:sysadm_r:sysadm_systemd_t:s0-s0:c0.c1023 tclass=key permissive=1
node=localhost type=AVC msg=audit(1701897597.942:245464): avc:  denied { link } for  pid=14658 comm="cockpit-session" scontext=system_u:system_r:cockpit_session_t:s0 tcontext=sysadm_u:sysadm_r:sysadm_systemd_t:s0-s0:c0.c1023 tclass=key permissive=1

Signed-off-by: Dave Sugar <dsugar100@gmail.com>
This commit is contained in:
Dave Sugar 2023-12-10 21:00:32 -05:00
parent b34ce38bfd
commit fcfffd4a2c
1 changed files with 4 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
policy/modules/services/cockpit.te
View File

@ -204,6 +204,8 @@ userdom_spec_domtrans_all_users(cockpit_session_t)
optional_policy(`
systemd_dbus_chat_logind(cockpit_session_t)
systemd_search_all_user_keys(cockpit_session_t)
systemd_write_all_user_keys(cockpit_session_t)
')
optional_policy(`
@ -211,7 +213,9 @@ optional_policy(`
')
optional_policy(`
userdom_create_all_users_keys(cockpit_session_t)
userdom_signal_all_users(cockpit_session_t)
userdom_write_all_users_keys(cockpit_session_t)
')
optional_policy(`