selinux-refpolicy/policy/modules/kernel
Corentin LABBE 95db1dda8d mcelog: add missing file context for triggers
I got the following AVC:
allow mcelog_t mcelog_etc_t:file execute;

This is due do some trigger, not being set as bin_t
-rwxr-xr-x. 1 root root system_u:object_r:bin_t         801 nov.   1 19:11 bus-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t        1035 nov.   1 19:11 cache-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t        1213 nov.   1 19:11 dimm-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t         742 nov.   1 19:11 iomca-error-trigger
-rw-r-----. 1 root root system_u:object_r:mcelog_etc_t 7415 nov.   1 19:11 mcelog.conf
-rwxr-xr-x. 1 root root system_u:object_r:mcelog_etc_t 1209 nov.   1 19:11 page-error-counter-replacement-trigger
-rwxr-xr-x. 1 root root system_u:object_r:mcelog_etc_t 1656 nov.   1 19:11 page-error-post-sync-soft-trigger
-rwxr-xr-x. 1 root root system_u:object_r:mcelog_etc_t 1640 nov.   1 19:11 page-error-pre-sync-soft-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t        1308 nov.   1 19:11 page-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t        1057 nov.   1 19:11 socket-memory-error-trigger
-rwxr-xr-x. 1 root root system_u:object_r:bin_t         947 nov.   1 19:11 unknown-error-trigger

Signed-off-by: Corentin LABBE <clabbe.montjoie@gmail.com>
2023-01-03 09:22:11 +01:00
..
corecommands.fc mcelog: add missing file context for triggers 2023-01-03 09:22:11 +01:00
corecommands.if various: fixes for kubernetes 2022-11-04 14:25:52 -04:00
corecommands.te systemd: Remove systemd-run domain. 2022-05-24 11:09:20 -04:00
corenetwork.fc
corenetwork.if.in Add cloud-init. 2022-08-17 15:05:29 -04:00
corenetwork.if.m4 This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
corenetwork.te.in corenet: add portcon for kubernetes 2022-11-03 17:33:14 -04:00
corenetwork.te.m4 work on SELint issues 2020-08-13 21:23:43 +02:00
devices.fc hypervkvp: Port updated module from Fedora policy. 2022-08-17 15:06:43 -04:00
devices.if various: fixes for libvirtd and systemd-machined 2022-12-12 10:36:11 -05:00
devices.te various: fixes for kubernetes 2022-11-04 14:25:52 -04:00
domain.fc
domain.if policy: interfaces: doc: indent param blocks consistently 2021-07-02 12:19:25 +03:00
domain.te domain: move kernel_read_crypto_sysctls to a common location 2022-09-14 17:03:04 -04:00
files.fc files, mount: remove legacy ZFS file contexts 2022-09-13 14:34:44 -04:00
files.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
files.te Drop audit_access allows. 2022-09-20 10:59:19 -04:00
filesystem.fc
filesystem.if filesystem, init: allow systemd to setattr on ramfs dirs 2022-12-12 10:32:10 -05:00
filesystem.te various: fixes for kubernetes 2022-11-04 14:25:52 -04:00
kernel.fc
kernel.if various: fixes for kubernetes 2022-11-04 14:25:52 -04:00
kernel.te container, kernel: add tunable to allow spc to create NFS servers 2022-11-06 18:42:16 -05:00
mcs.fc
mcs.if various: deprecate mcs override interfaces 2021-11-09 13:55:26 -05:00
mcs.te Drop module versioning. 2022-01-06 09:19:13 -05:00
metadata.xml
mls.fc
mls.if remove deprecated from 20190201 2021-01-25 08:59:34 -05:00
mls.te Drop module versioning. 2022-01-06 09:19:13 -05:00
selinux.fc
selinux.if This patch removes deprecated interfaces that were deprecated in the 20210203 2022-12-12 10:32:09 -05:00
selinux.te Drop module versioning. 2022-01-06 09:19:13 -05:00
storage.fc storage: Add fc for /dev/ng*n* devices. 2022-05-25 10:18:51 -04:00
storage.if storage: include chr_files in fixed_disk_dev interfaces 2022-09-13 14:34:44 -04:00
storage.te Drop audit_access allows. 2022-09-20 10:59:19 -04:00
terminal.fc
terminal.if term, init: allow systemd to watch and watch reads on unallocated ttys 2022-05-20 11:27:26 -04:00
terminal.te various: make various types a mountpoint for containers 2022-01-21 15:03:35 -05:00
ubac.fc
ubac.if
ubac.te Drop module versioning. 2022-01-06 09:19:13 -05:00