commit: 00d6dd0cfe66101c178573939424a01ecfb1a114
Author: Rahul Sandhu <rahul <AT> sandhuservices <DOT> dev>
AuthorDate: Thu Nov 28 02:21:24 2024 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sun Dec 15 00:19:19 2024 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=00d6dd0c
authlogin: connect to homed
For commands such as `groups(1)` to work, nsswitch_domain needs to be
able to talk to /run/systemd/userdb/io.systemd.Home to obtain
information on systemd-homed users.
Signed-off-by: Rahul Sandhu <rahul <AT> sandhuservices.dev>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/system/authlogin.te | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/system/authlogin.te
b/policy/modules/system/authlogin.te
index 2014c6409..4b8c5fa2a 100644
--- a/policy/modules/system/authlogin.te
+++ b/policy/modules/system/authlogin.te
@@ -476,6 +476,7 @@ sysnet_dns_name_resolve(nsswitch_domain)
ifdef(`init_systemd', `
systemd_stream_connect_userdb(nsswitch_domain)
+ systemd_stream_connect_homed(nsswitch_domain)
')
tunable_policy(`authlogin_nsswitch_use_ldap',`
