nnd/selinux-refpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
e34e339b96
selinux-refpolicy/policy/modules/admin/alsa.fc
Laurent Bigonville 56a11f07c3 Allow alsa_t to create alsa_runtime_t file as well 
When alsactl is started as a daemon, it creates a pidfile
(/run/alsactl.pid), that needs to be allowed

----
time->Sun Oct  6 10:59:09 2019
type=AVC msg=audit(1570352349.743:45): avc:  denied  { write open } for  pid=804 comm="alsactl" path="/run/alsactl.pid" dev="tmpfs" ino=25882 scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1
type=AVC msg=audit(1570352349.743:45): avc:  denied  { create } for  pid=804 comm="alsactl" name="alsactl.pid" scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1
----
time->Sun Oct  6 11:54:38 2019
type=AVC msg=audit(1570355678.226:657): avc:  denied  { open } for  pid=9186 comm="alsactl" path="/run/alsactl.pid" dev="tmpfs" ino=25882 scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1
type=AVC msg=audit(1570355678.226:657): avc:  denied  { read } for  pid=9186 comm="alsactl" name="alsactl.pid" dev="tmpfs" ino=25882 scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1
----
time->Sun Oct  6 11:54:38 2019
type=AVC msg=audit(1570355678.230:659): avc:  denied  { unlink } for  pid=804 comm="alsactl" name="alsactl.pid" dev="tmpfs" ino=25882 scontext=system_u:system_r:alsa_t:s0 tcontext=system_u:object_r:var_run_t:s0 tclass=file permissive=1

Signed-off-by: Laurent Bigonville <bigon@bigon.be>
2019-10-31 12:08:03 +01:00

26 lines
1.2 KiB
Plaintext
Raw Blame History

HOME_DIR/\.asoundrc -- gen_context(system_u:object_r:alsa_home_t,s0)
/etc/alsa(/.*)? gen_context(system_u:object_r:alsa_etc_t,s0)
/etc/asound\.conf -- gen_context(system_u:object_r:alsa_etc_t,s0)
/run/alsa(/.*)? gen_context(system_u:object_r:alsa_runtime_t,s0)
/run/alsactl\.pid -- gen_context(system_u:object_r:alsa_runtime_t,s0)
/usr/bin/ainit -- gen_context(system_u:object_r:alsa_exec_t,s0)
/usr/bin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
/usr/bin/alsaunmute -- gen_context(system_u:object_r:alsa_exec_t,s0)
/usr/bin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
/usr/lib/systemd/system/[^/]*alsa-restore.* -- gen_context(system_u:object_r:alsa_unit_t,s0)
/usr/lib/systemd/system/[^/]*alsa-state.* -- gen_context(system_u:object_r:alsa_unit_t,s0)
/usr/lib/systemd/system/[^/]*alsa-store.* -- gen_context(system_u:object_r:alsa_unit_t,s0)
/usr/sbin/alsactl -- gen_context(system_u:object_r:alsa_exec_t,s0)
/usr/sbin/salsa -- gen_context(system_u:object_r:alsa_exec_t,s0)
/usr/share/alsa(/.*)? gen_context(system_u:object_r:alsa_etc_t,s0)
/var/lib/alsa(/.*)? gen_context(system_u:object_r:alsa_var_lib_t,s0)
/var/lock/asound\.state\.lock -- gen_context(system_u:object_r:alsa_var_lock_t,s0)
Reference in New Issue View Git Blame Copy Permalink