[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/services/

Jason Zaman Sun, 21 Mar 2021 15:11:03 -0700

commit:     f1d3bfcfddd12301a24a6c58e60e53f63b782220
Author:     Krzysztof Nowicki <krissn <AT> op <DOT> pl>
AuthorDate: Tue Feb  2 22:13:58 2021 +0000
Commit:     Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Mon Feb 15 19:49:24 2021 +0000
URL:        
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=f1d3bfcf


Allow systemd-tmpfilesd populating of /var/lib/dbus

Signed-off-by: Krzysztof Nowicki <krissn <AT> op.pl>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>

 policy/modules/services/dbus.te | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/policy/modules/services/dbus.te b/policy/modules/services/dbus.te
index 411297ea..0a6c3b72 100644
--- a/policy/modules/services/dbus.te
+++ b/policy/modules/services/dbus.te
@@ -196,6 +196,9 @@ optional_policy(`
 
        # for passing around terminal file handles for machinectl shell
        systemd_use_inherited_machined_ptys(system_dbusd_t)
+
+       # allow populating of /var/lib/dbus by systemd-tmpfilesd
+       systemd_tmpfilesd_managed(system_dbusd_var_lib_t, dir)
 ')
 
 optional_policy(`

[gentoo-commits] proj/hardened-refpolicy:master commit in: policy/modules/services/

Reply via email to