commit: d6513b55d43cc2eee4585c6b86137de1c7e1c3e0
Author: Tianjia Zhang <tianjia.zhang <AT> linux <DOT> alibaba <DOT> com>
AuthorDate: Tue Dec 10 06:45:00 2024 +0000
Commit: Jason Zaman <perfinion <AT> gentoo <DOT> org>
CommitDate: Sat Mar 8 23:01:08 2025 +0000
URL:
https://gitweb.gentoo.org/proj/hardened-refpolicy.git/commit/?id=d6513b55
tpm2: add correct fcontext for tpm2 tools
In newer versions, such as Gentoo, all commands starting with
'tpm2_' are symlinks to the tpm2 command, so tpm2 should be also
correctly labeled.
Signed-off-by: Tianjia Zhang <tianjia.zhang <AT> linux.alibaba.com>
Signed-off-by: Jason Zaman <perfinion <AT> gentoo.org>
policy/modules/services/tpm2.fc | 1 +
1 file changed, 1 insertion(+)
diff --git a/policy/modules/services/tpm2.fc b/policy/modules/services/tpm2.fc
index ab1c0dc19..da41355e5 100644
--- a/policy/modules/services/tpm2.fc
+++ b/policy/modules/services/tpm2.fc
@@ -1,4 +1,5 @@
/usr/bin/tpm2-abrmd
-- gen_context(system_u:object_r:tpm2_abrmd_exec_t,s0)
+/usr/bin/tpm2
-- gen_context(system_u:object_r:tpm2_exec_t,s0)
/usr/bin/tpm2_[^/]+
-- gen_context(system_u:object_r:tpm2_exec_t,s0)
/usr/sbin/tpm2-abrmd
-- gen_context(system_u:object_r:tpm2_abrmd_exec_t,s0)
